1. No category

Nasuni Management Console Guide

Nasuni Management Console
Guide
Version 7.9
June 2017
Last modified: June 21, 2017
© 2017 Nasuni Corporation
All Rights Reserved
Document Information
Nasuni Management Console Guide
Version 7.9
June 2017
Copyright
© Copyright 2010-2017 by Nasuni Corporation. All rights reserved.
Information in this document is subject to change without notice and does not represent a
commitment on the part of Nasuni. The software described in this document is furnished under a
license agreement. The software may be used only in accordance with the terms of the license
agreement. It is against the law to copy the software on any medium. No part of this manual may
be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying and recording, for any purpose without the express written permission of Nasuni
Corporation.
Notice
Although Nasuni Corporation has attempted to ensure the accuracy of the content of this manual,
it is possible that this document may contain technical inaccuracies, and typographical or other
errors. Nasuni assumes no liability for any error in this publication, and for damages, whether
direct, indirect, incidental, consequential or otherwise, that may result from such error, including,
but not limited to loss of data or profits.
Nasuni provides this publication “as is” without warranty of any kind, either express or implied,
including, but not limited to implied warranties of merchantability or fitness for a particular
purpose.
Trademarks
NASUNI, UNIFS, and the ovals logo are Nasuni trademarks and service marks. All other names, brands and products are the
property of their respective owners.
Contacting Nasuni Corporation
Nasuni Corporation
One Marina Park Drive
Boston, MA 02210
Telephone: 1-857-444-8500
Sales: 1-800-208-3418
http://www.nasuni.com
Email: [email protected]
Technical Support
Telephone: 1-888-6NASUNI (888-662-7864)
Email: [email protected]
Technical Support is available 24/7/365 for full production clients.
Contents
Contents
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .iii
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xiv
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xiv
What’s in this Book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xiv
Text Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv
Product Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xvi
Electronic Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xvi
Recent Changes to this Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xviii
Chapter 1: The Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . 1
Nasuni NAS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Nasuni Filer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Placing a Nasuni Filer under the control of the Nasuni Management Console . . 2
Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Chapter 2: Task Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Starting with the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Installing the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Creating new volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Managing the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Managing data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Providing data access to users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Downloading, restoring, and bringing data into cache . . . . . . . . . . . . . . . . . . . . 7
Setting quotas on folders and volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Sharing data between Nasuni Filers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Adding data to volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Protecting data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Nasuni Management Console Guide 7.9
iii
Contents
Managing volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Handling encryption keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Role-based access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
SSL certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Antivirus protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Firewall protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Changing performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Actions only available on the Nasuni Filer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Chapter 3: Installing the Nasuni Management Console . . . . . . . . . . . . . . . . 14
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Requirements for the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . 14
Initial, Recommended, and Minimum Memory . . . . . . . . . . . . . . . . . . . . . . . . . 15
Downloading the Nasuni Management Console Software . . . . . . . . . . . . . . . . . . . . 16
Connecting with the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . 19
SSL Security Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Example using Mozilla Firefox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Example using Google Chrome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Example using Microsoft Internet Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Installing the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Chapter 4: Login Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Logging in to the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Resetting Administrative Account (Forgot password?) . . . . . . . . . . . . . . . . . . . . . . 33
Viewing the Nasuni Management Console Help . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Chapter 5: Common Screen Elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Navigation Bar Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Viewing the Nasuni Management Console Help . . . . . . . . . . . . . . . . . . . . . . . . 35
Viewing the Nasuni Management Console Release Notes . . . . . . . . . . . . . . . . 36
Powering Down and Rebooting the Nasuni Management Console . . . . . . . . . . 37
Changing Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Logging Out of the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . 39
Other screen elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Pop-up Software Update Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Search text box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Time zone selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Nasuni Management Console Guide 7.9
iv
Contents
Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Sorting lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Action status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Chapter 6: Home Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
System Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Hardware Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Volumes Managed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Filers Managed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Capacity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Migrations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Data Growth chart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Network Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
File Types Written . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
File Sizes in Snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Chapter 7: Volumes Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Volumes page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Volumes Managed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Unified Storage Access Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
HTTPS Access Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Volume Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Data Not Yet Protected chart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Data Growth chart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Volume List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Volume details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Deleting a local volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Disconnecting from a remote volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Take Snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Cancel Snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Create Volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Connect (and Disconnect) Volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
File System Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Selecting Volume, Folder, or Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Actions with Selected Volume, Folder, or Files . . . . . . . . . . . . . . . . . . . . . . . . . 80
Unprotected Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Viewing unprotected files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Nasuni Management Console Guide 7.9
v
Contents
Exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Viewing exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Creating exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Editing exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Editing host options for exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Deleting exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
FTP Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Viewing FTP directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Creating FTP directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Editing FTP directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Deleting FTP directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Viewing shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Creating shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Web Access Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Editing shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Deleting shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
iSCSI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Viewing iSCSI volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Editing iSCSI volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Auto Cached Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Viewing folders that have Auto Cache enabled . . . . . . . . . . . . . . . . . . . . . . . . 128
Disabling Auto Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
Encryption Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Viewing encryption keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Adding encryption keys to a volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Enabling encryption keys for a volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Disabling encryption keys for a volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Name of volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Viewing volume names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Changing volume name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Pinned Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Viewing and disabling pinned folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Quota . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Viewing volume quota setting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Editing volume quota . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Viewing, editing, and deleting folder quotas . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Nasuni Management Console Guide 7.9
vi
Contents
Viewing folder quota rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Editing and deleting folder quota rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Remote Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Viewing remote access setting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Editing remote access settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Snapshot Directory Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Viewing snapshot directory access settings . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Editing snapshot directory access settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Snapshot retention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Viewing snapshot retention settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Editing snapshot retention settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
Snapshot schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
Viewing snapshot schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
Editing snapshot schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Sync Schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Scheduling Syncs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Antivirus Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Viewing Antivirus Service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Editing Antivirus Service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Antivirus Violations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Viewing antivirus violations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Reviewing antivirus violations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
File System Auditing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
File Alert Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Viewing File Alert Service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Editing File Alert Service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Chapter 8: Filers Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Filers page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Filers Managed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Connected Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Migrations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Filer Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Network Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Mobile Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Account Filers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Network Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Mobile Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Nasuni Management Console Guide 7.9
vii
Contents
CPU Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Memory Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
API Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Automatic Software Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Viewing automatic software update settings . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Editing automatic software update settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Cache Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Viewing cache settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Editing cache settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Central Configuration Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Creating Central Configuration Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Editing Central Configuration Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Deleting Central Configuration Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
CIFS Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Viewing CIFS settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Editing CIFS settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
FTP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Viewing FTP settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Editing FTP settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
Nasuni Filer Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Viewing Nasuni Filer descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Editing the Nasuni Filer description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Disk Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Viewing disk encryption status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Editing the disk encryption status of the Nasuni Filer . . . . . . . . . . . . . . . . . . . 205
Email Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Encryption Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Viewing encryption keys on Nasuni Filers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Adding (importing or uploading) encryption keys to Nasuni Filers . . . . . . . . . . 210
Sending encryption keys to Nasuni Filers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Escrowing Encryption Keys with Nasuni . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Deleting Encryption Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
Global Locking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
Quality of Service (Bandwidth) Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
Viewing Quality of Service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Adding Quality of Service rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Editing Quality of Service rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
Deleting Quality of Service rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Nasuni Management Console Guide 7.9
viii
Contents
Quota Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
Viewing quota report schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
Sending a quota report manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Adding quota report schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Editing quota report schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
SNMP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Viewing SNMP settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Editing SNMP settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230
Time Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Viewing time zone and time source settings . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Editing time zone and time source settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Web Access Branding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
Migrations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Viewing migrations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Migration Sources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Viewing migration sources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Migration Schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Viewing migration schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Mobile Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Viewing Mobile Access service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Editing Mobile Access service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
Generating Invitation Link for Mobile Access . . . . . . . . . . . . . . . . . . . . . . . . . . 242
Mobile Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Viewing licenses for the Desktop and Mobile Access service . . . . . . . . . . . . . 243
Enabling Mobile Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Disabling Mobile Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Deleting Mobile Access licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Refresh License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
Refreshing license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
Remote Support Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
Viewing Remote Support Service settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
Enabling and disabling Remote Support Service . . . . . . . . . . . . . . . . . . . . . . . 247
Send Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
Side Load . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Starting the Side Load process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Viewing and controlling the Side Load process . . . . . . . . . . . . . . . . . . . . . . . . 251
Cache Jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Viewing cache jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Nasuni Management Console Guide 7.9
ix
Contents
CIFS Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Viewing CIFS clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Disconnecting clients from a share . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Resetting the CIFS Authentication Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Resetting All CIFS Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
CIFS File Locks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Viewing file locks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Disconnecting file locks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
FTP clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Viewing FTP clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Disconnecting FTP clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Filer Heuristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
Data Growth chart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
File Types Written . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
File Sizes in snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
iSCSI status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
Viewing iSCSI targets and initiators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Viewing network settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Pending Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Viewing pending updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Acknowledging pending updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Platform Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
Viewing hardware and virtual machine information . . . . . . . . . . . . . . . . . . . . . 267
Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
Viewing security settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
Shared Link Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Viewing shared links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Deleting shared links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Shutdown and Reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Software Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Viewing Nasuni Filer software updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Updating Nasuni Filer software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
System Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
SSL Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Viewing SSL certificate information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Chapter 9: Account Status Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Nasuni Management Console Guide 7.9
x
Contents
Account Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Viewing account status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Refreshing license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Serial Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
Viewing serial numbers and authorization codes . . . . . . . . . . . . . . . . . . . . . . . 285
Chapter 10: Console Settings Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
Configuration Overview page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Automatic Software Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Viewing automatic software update settings for the NMC . . . . . . . . . . . . . . . . 289
Editing automatic software update settings for the NMC . . . . . . . . . . . . . . . . 290
Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Viewing description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Editing the description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Email Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
SNMP Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Editing SNMP settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Time Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Setting time zone and time source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Directory Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
About Active Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
About LDAP Directory Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
Joining the Nasuni Management Console (not previously joined to any domain) to a domain
298
Viewing information about Directory Services already configured . . . . . . . . . . 307
Editing LDAP Directory Services domain settings . . . . . . . . . . . . . . . . . . . . . . 309
Updating the keytab file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
Editing Active Directory domain settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
Editing Active Directory general settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
Domain Settings (for NMCs running versions before 7.8) . . . . . . . . . . . . . . . . . . . 313
Joining the Nasuni Management Console to an Active Directory domain (for NMCs running
versions before 7.8) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Viewing Active Directory domains (for NMCs running versions before 7.8) . . . 317
Changing access for Active Directory domains (for NMCs running versions before 7.8) 319
Leaving an Active Directory domain (for NMCs running versions before 7.8) . 321
Encryption Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
Viewing encryption keys on the Nasuni Management Console . . . . . . . . . . . . 323
Uploading (importing or adding) encryption keys to the NMC . . . . . . . . . . . . . 324
Downloading the NMC’s generated encryption key . . . . . . . . . . . . . . . . . . . . . 325
Nasuni Management Console Guide 7.9
xi
Contents
Escrowing encryption keys with Nasuni . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Deleting Encryption Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
Session Timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 328
Setting session timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 328
SSL Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
Viewing SSL certificate information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
Copying SSL certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Generating SSL certificates or a self-signed certificate to the NMC . . . . . . . . 332
Uploading SSL Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
Replacing SSL Certificates or SSL Certificate Chains . . . . . . . . . . . . . . . . . . . 336
Enabling SSL Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338
Downloading SSL Certificate Request Files . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
Deleting SSL Certificates or Certificate Requests . . . . . . . . . . . . . . . . . . . . . . 340
Saving SSL Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
Console Users and Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
Viewing permission groups and users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
Viewing Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344
Adding Native Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
Editing Users and Changing User Passwords . . . . . . . . . . . . . . . . . . . . . . . . . 346
Linking Domain Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Deleting Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349
Viewing Permission Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Adding Permission Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Editing Permission Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
Deleting Permission Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354
Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
Software Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Remote Support Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Enabling and disabling Remote Support Service . . . . . . . . . . . . . . . . . . . . . . . 362
Send Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
Chapter 11: Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Viewing Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Acknowledging Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
Deleting Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
Downloading Notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
Nasuni Management Console Guide 7.9
xii
Contents
Chapter 12: Disaster Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Recovering the Nasuni Management Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Appendix A: Console Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Using console commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Changing device and network parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
Changing static IP address and other network parameters . . . . . . . . . . . . . . . 387
Enabling DHCP Networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
Viewing the MAC Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Appendix B: Nasuni Terms of Service and License Agreement . . . . . . . . 393
Nasuni Corporation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
Appendix C: Filtering Displays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
Appendix D: Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Nasuni Filer and NMC Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Appendix E: Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
Nasuni Management Console Guide 7.9
xiii
Preface
Audience
Preface
Audience
This Guide is intended for the IT administrator or person responsible for managing Nasuni Filers using
the Nasuni Management Console user interface.
What’s in this Book
This guide contains the following chapters:
•
Chapter 1, “The Nasuni Management Console,” on page 1 describes the major features and
concepts of the Nasuni Management Console and the Nasuni Filer.
•
Chapter 2, “Task Overview,” on page 4 gives overviews of common tasks that users can
perform with the Nasuni Management Console.
•
Chapter 3, “Installing the Nasuni Management Console,” on page 14 describes how to install
the Nasuni Management Console.
•
Chapter 4, “Login Page,” on page 31 explains how to log in to the Nasuni Management
Console, reset the account, and access online help.
•
Chapter 5, “Common Screen Elements,” on page 35 explains the user interface elements that
are common to all the pages, including notifications, online help, and the procedure for
powering down the Nasuni Management Console.
•
Chapter 6, “Home Page,” on page 42 explains the features of the Home page, including viewing
many details of system status.
•
Chapter 7, “Volumes Page,” on page 49 explains how to view the status of volumes and modify
settings of volumes.
•
Chapter 8, “Filers Page,” on page 175 explains how to view the status of Nasuni Filers and
modify settings of Nasuni Filers.
•
Chapter 9, “Account Status Page,” on page 283 explains how to view details of the account.
•
Chapter 10, “Console Settings Page,” on page 286 explains how to configure the Nasuni
Management Console.
•
Chapter 11, “Notifications,” on page 364 explains how to view and acknowledge Nasuni
Management Console notifications.
Nasuni Management Console Guide 7.9
xiv
Preface
What’s in this Book
•
Chapter 12, “Disaster Recovery,” on page 369 explains how to recover the Nasuni Management
Console in the event of a disaster.
•
Appendix E, “Glossary,” on page 402 provides definitions of terms related to the Nasuni
Management Console.
•
Appendix A, “Console Commands,” on page 382 describes console commands for configuring
network settings.
•
Appendix B, “Nasuni Terms of Service and License Agreement,” on page 393 is the link to the
Nasuni Terms of Service and License Agreement.
Text Conventions
The following text conventions are used in this document:
Convention
Description
1. Number
Used to indicate a step in a task.
• Bullet
Used for items in a list without any particular order.
Bold
Used to give emphasis to a word. Also used for named
graphical elements.
Italics
Used to represent options or parameters.
Underline
Used for hyperlinks, such as links to Web sites.
Monospace
Used to indicate pathnames, filenames, folder names,
typed information, and code.
Nasuni Management Console Guide 7.9
xv
Product Documentation
Electronic Publications
Product Documentation
Electronic Publications
Extensive documentation is available for all aspects of installing, configuring, and operating the Nasuni
Filer. The latest version of each of the following documents is available in PDF format at
http://www.nasuni.com/support/documentation.
•
Hardware Getting Started Guide: For setting up the Nasuni Filer on the Nasuni Filer hardware
appliance.
To download this guide for the NF-60, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_HW_GS_Guide_NF-60.pdf
To download this guide for the NF-200, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_HW_GS_Guide_NF-200.pdf
To download this guide for the NF-400, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_HW_GS_Guide_NF-400.pdf
To download this guide for the NF-440, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_HW_GS_Guide_NF-440.pdf
To download this guide for the NF-600, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_HW_GS_Guide_NF-600.pdf
•
Installing the Nasuni Filer on Virtual Platforms: For installing the Nasuni Filer on a virtual machine
within a corporate network. To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/Installing-on-Virtual.pdf
•
Installing the Nasuni Filer on the Azure Platform: For installing the Nasuni Filer on the Microsoft
Azure cloud virtual machine. To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/Installing-on-Azure.pdf
•
Installing the Nasuni Filer on the EC2 Platform: For installing the Nasuni Filer on the Amazon
EC2 cloud virtual machine. To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/Installing-on-EC2.pdf
•
Initial Configuration Guide: For configuring and deploying the Nasuni Filer after the initial
installation on the hardware appliance or virtual machine. To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_Initial_Configuration_Guide.pdf
Nasuni Management Console Guide 7.9
xvi
Product Documentation
•
Electronic Publications
Administration Guide: For managing unified storage using the Nasuni Filer.
To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_Administration_Guide.pdf
•
Nasuni Management Console Guide: For managing multiple Nasuni Filers.
To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/NMCGuide.pdf
•
Nasuni Management Console Quick Start Guide: To quickly get started using the Nasuni
Management Console to manage multiple Nasuni Filers. To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/NMCQuickStartGuide.pdf
•
Using Multiple Protocols: Discusses scenarios requiring particular access to data, and how
different combinations of protocols can help provide the access that clients need.
To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/UsingMultipleProtocols.pdf
•
Third-Party Licensing Guide: Listing of third-party software used in the Nasuni Filer.
To download this guide, visit:
http://www6.nasuni.com/rs/nasuni/images/Nasuni_Filer_Third-Party_Licensing_Guide.pdf
Nasuni Management Console Guide 7.9
xvii
Recent Changes to this Document
Recent changes to this document include the following:
Topic
Section or Step
Page
Requirements for the Nasuni Management Console
“Requirements for the
Nasuni Management
Console”
page 14
Initial, Recommended, and Minimum Memory
“Initial, Recommended,
and Minimum Memory”
page 15
Inheriting Advanced Global Locking settings
“From the Locking Mode
drop-down list, select
one of the following
locking modes:”
page 85
Access to shared links for specified users in specified
groups
“If shared links are
enabled, and you
selected Allow only
specified Groups and
Users, you can specify
the groups and users
who can create shared
links.”
page 120
LDAP Directory Services
“Directory Services”
page 297
Nasuni Management Console Guide
xviii
Chapter 1: The Nasuni Management Console
Nasuni NAS
Nasuni delivers an advanced storage solution using a cloud infrastructure. The core technology is a
next-generation storage controller – the Nasuni Filer – that offers the security and performance of
traditional storage, while adding unlimited scalability, automatic offsite protection, and global multi-site
access to files. The Nasuni system is managed through a single, small-footprint point of control within
the enterprise’s data center.
The Nasuni Filer is an on-premises storage device supporting NFS, CIFS, FTP/SFTP, iSCSI, and HTTP/
REST protocols. The Nasuni Filer is fully integrated with Active Directory, LDAP, Distributed File System
(DFS), and Windows Previous Versions. It includes a high-performance cache and takes periodic
snapshots that enable file-level restores. Its reach and capacity far exceed those of a traditional
controller, however, because it does not rely only on memory and local disk to manage its data: it has
the entire capacity of the cloud at its disposal. All data is deduplicated, compressed, and encrypted
before storage.
Several choices are available for the back-end cloud storage component, including the following:
•
Nasuni’s integrated service, which includes a Nasuni-managed Microsoft Azure account.
•
Your own public cloud service from Microsoft Azure Blob Storage or Amazon AWS S3.
•
Private cloud products, including Cleversafe and EMC ViPR/ECS and Atmos.
The choices for the back-end cloud storage component are part of each customer license. Each
volume has only one back-end cloud storage component.
Multi-site access enables organizations with several locations to work on a single set of shared data.
Nasuni’s architecture allows multiple storage controllers to have live access to the same volume of
data. Organizations benefit by having a simple, safe, and secure way to share data across any number
of sites. Nasuni’s multi-site access enables capabilities that include:
•
Secure data distribution to remote office/branch office (ROBO).
•
Remote offices forwarding data to a central point.
•
Two-way synchronized read-write.
Multi-site access does away with cumbersome replication schemes and slow WAN optimizers.
Nasuni Management Console Guide 7.9
1
The Nasuni Management Console
Nasuni Filer
Nasuni Filer
Nasuni’s NAS is delivered through the Nasuni Filer, a storage controller that runs in your data center
and provides primary storage with built-in backup, offsite protection, and multi-site access. With your
Nasuni Filer, you manage your volumes and performance using the Web-based Nasuni Filer user
interface.
The Nasuni Filer is available as a virtual appliance, as a hardware appliance, and as a Microsoft Azure
and Amazon EC2 virtual appliance.
Nasuni Management Console
The Nasuni Management Console enables you to monitor and manage many Nasuni Filers from one
central appliance. Using the Nasuni Management Console, you can view the status of all of your
managed Nasuni Filers, as well as configure their settings. Using the Nasuni Management Console, you
can ensure consistent settings on all your Nasuni Filers.
Note: If a Nasuni Filer loses internet connectivity with the Nasuni Management Console, the
Nasuni Filer can still leave the Nasuni Management Console.
Using the Nasuni Management Console, you can manage Nasuni Filers even if they are not presently
connected. Any configuration changes made will propagate to the Nasuni Filer when it becomes
connected.
Note: Notifications and changes on Nasuni Filers can take up to 10 minutes to appear in the
Nasuni Management Console.
Certain actions remain unique to each Nasuni Filer and are not available for control using the Nasuni
Management Console, including:
•
Restoring files and folders.
•
Network-specific configuration.
•
Active Directory or LDAP configuration.
•
Data migrations.
•
Setting quotas and quota rules (but not quota reporting).
Placing a Nasuni Filer under the control of the Nasuni Management Console
Caution: When a Nasuni Filer goes under Nasuni Management Console control, any
existing users and groups on the Nasuni Filer are replaced.
Nasuni Management Console Guide 7.9
2
The Nasuni Management Console
Nasuni Management Console
To enable management by the Nasuni Management Console, follow these steps:
1. Click Services, then select Nasuni Management Console from the list. The Nasuni
Management Console page appears.
Figure 1-1: Nasuni Management Console page.
2. From the NMC Management is drop-down list, select either enabled or disabled.
3. Click Save. A confirmation message appears. A message also appears at the top of the screen.
Note: It can take up to ten minutes for the Nasuni Filer to appear on the Nasuni
Management Console user interface.
Nasuni Management Console Guide 7.9
3
The Nasuni Management Console
Key Terms
Key Terms
The following terms are helpful in understanding the Nasuni Filer:
•
Nasuni Filer: The storage controller in your data center that integrates with your infrastructure
via CIFS, NFS, iSCSI, FTP/SFTP, or HTTPS/REST protocols. The Nasuni Filer can be mapped
as a network drive.
•
Nasuni Filer user interface: The Web-based graphical user interface with which you configure
and manage the Nasuni Filer. The Nasuni Filer user interface is accessible with supported Web
browsers including Mozilla Firefox, Internet Explorer, Safari, and Google Chrome.
•
Nasuni Management Console (NMC): The Web-accessible appliance with which you can
configure and manage multiple Nasuni Filers. The Nasuni Management Console is accessible
with supported Web browsers including Mozilla Firefox, Internet Explorer, Apple Safari, and
Google Chrome.
•
Cloud storage: Internet-based, highly protected, unlimited storage.
•
Volume: A set of files and directories (CIFS, NFS, and FTP/SFTP) or blocks of data (iSCSI).
•
Share/export: An access point to a folder on a volume that can be shared or exported on your
network. Access to a CIFS share can be customized on a user-level or group-level basis. You
can create many shares or exports on a volume, for different purposes or audiences.
•
Cache: The local storage of the Nasuni Filer. All data and metadata that is accessed regularly is
kept locally in the cache. If requested data is not locally resident, it is staged into the cache and
provided for the request.
•
Snapshot: A snapshot is a complete picture of your volume at a specific point in time.
Snapshots offer data protection by enabling you to recover data deleted in error or to restore an
entire file system. After a snapshot has been taken and is sent to cloud storage, it is not
possible to modify that snapshot.
Terminology
The following terminology is useful in understanding Nasuni technology:
Alerts and messages: See “Notifications”, including “Notifications” on page 364.
Backup: See “Snapshots”, including “Snapshot schedule” on page 154 and “Snapshot retention” on
page 152.
Bandwidth: See “Quality of Service (QoS)”, including “Quality of Service (Bandwidth) Settings” on
page 216.
Local data: See “Cache”, including “Cache Settings” on page 190.
Maximum capacity: See “Quota”, including “Quota” on page 141.
Moving data to your Nasuni Filer: See “Data Migration”, including “Migrations” on page 236.
Other Nasuni Filers: See “Remote Access”, including “Remote Access” on page 147.
Sets of data: See “Volumes”, including “Volumes page” on page 50.
Also, see “Glossary” on page 402.
Nasuni Management Console Guide 7.9
4
Chapter 2: Task Overview
The Nasuni Management Console provides extensive information that enables you to monitor the
status of your data from a single application. In addition, you can use the Nasuni Management Console
to configure volumes, CIFS shares, NFS exports, and FTP/SFTP directories from a single application,
regardless of which Nasuni Filer they reside on. This makes it simpler and faster for you to perform
multiple, near-simultaneous configurations, while maintaining consistent settings. There can be only
one Nasuni Management Console for your account.
Using the Nasuni Management Console, you can manage Nasuni Filers even if they are not presently
connected. Any configuration changes made will propagate to the Nasuni Filer when it becomes
connected.
Note: Notifications and changes on Nasuni Filers can take up to 10 minutes to appear in the
Nasuni Management Console.
Without the Nasuni Management Console, data management tasks require configuring volumes, CIFS
shares, NFS exports, and FTP/SFTP directories separately on each Nasuni Filer, which is timeconsuming and can lead to inconsistent settings.
This chapter presents an overview of some of the tasks that you can perform with the Nasuni
Management Console, along with links to further information.
Starting with the Nasuni Management Console
Installing the Nasuni Management Console
Installing and configuring the Nasuni Management Console on your virtual platform is a simple and
straightforward process.
•
The Nasuni Management Console runs on your virtual platform. First, download and install the
software on your virtual platform. See “Downloading the Nasuni Management Console
Software” on page 16.
•
Run the Install Wizard, including entering serial number and authorization code, found under the
Account section of www.nasuni.com. See “Installing the Nasuni Management Console” on
page 24.
•
After you install and configure the Nasuni Management Console, you can place Nasuni Filers
under the control of the Nasuni Management Console. See “Placing a Nasuni Filer under the
control of the Nasuni Management Console” on page 2.
Nasuni Management Console Guide 7.9
5
Task Overview
Starting with the Nasuni Management Console
Creating new volumes
You use volumes to manage data. If you do not already have a volume set up, you can create a new
volume.
Before creating a new volume, ensure that you have the encryption keys you would like to use. Nasuni
recommends creating and uploading your own encryption keys (“Adding (importing or uploading)
encryption keys to Nasuni Filers” on page 210). All uploaded encryption keys should be at least 2048
bits long.
•
Otherwise, you can specify generating a new encryption key when you create the new volume.
Nasuni also recommends safeguarding your encryption keys yourself. You can download
generated keys for safeguarding (using the Nasuni Filer user interface). Alternatively, you can
escrow encryption keys with Nasuni (“Escrowing Encryption Keys with Nasuni” on page 212).
Note: If you use the Nasuni Management Console to create a volume on a Nasuni Filer,
and specify generating a new encryption key for that volume, that new encryption key is
generated on the Nasuni Filer, not on the Nasuni Management Console. The only way to
download a Nasuni Filer encryption key is by using the Nasuni Filer user interface.
•
To create a new volume on a Nasuni Filer, see “Create Volume” on page 64.
•
You can create CIFS shares (“Creating shares” on page 111), NFS exports (“Creating exports”
on page 92), and FTP/SFTP directories (“Creating FTP directories” on page 102) for users to
access. You can check and edit the settings for CIFS shares (“Editing shares” on page 123),
NFS exports (“Editing exports” on page 94), and FTP/SFTP directories (“Editing FTP
directories” on page 108).
Managing the Nasuni Management Console
You have many options for configuring the Nasuni Management Console.
•
You can configure the Nasuni Management Console to automatically download and install
software updates. prevent automatic software updates from occurring at inconvenient times,
you can specify the days and times for automatic software updates to occur, or prevent
automatic software updates entirely. See “Automatic Software Updates” on page 289.
Alternatively, you can manually update the Nasuni Management Console software. See
“Software Update” on page 360.
•
You can view the status and expiration date of your subscription. See “Viewing account status”
on page 283. You can also refresh your subscription license. See “Refreshing license” on
page 284.
•
The Notifications page lets you view and acknowledge Nasuni Management Console
notifications. See “Notifications” on page 364.
•
You can configure email alerts, which are sent to your email account from the Nasuni
Management Console. You can select various types of alerts to receive. See “Email Settings” on
page 292.
•
You can perform the disaster recovery procedure for a genuine emergency, or when moving the
Nasuni Management Console to another location. See “Disaster Recovery” on page 369.
Nasuni Management Console Guide 7.9
6
Task Overview
Managing data
Managing data
Providing data access to users
You can define which users can access which data.
•
You can define a CIFS share, an NFS export, or an FTP/SFTP directory for each directory tree
(the directory itself and any files and directories it contains) in a volume. You can create many
shares, exports, or FTP/SFTP directories on a volume. See “Creating shares” on page 111,
“Creating exports” on page 92, and “Creating FTP directories” on page 102. You can check and
edit the settings for CIFS shares “Editing shares” on page 123), NFS exports (“Editing exports”
on page 94), and FTP/SFTP directories (“Editing FTP directories” on page 108).
For each share, export, or FTP/SFTP directory, you can define which volume and which
directory tree within the volume to share or export. You can specify Read-Only access. You can
limit which hosts can access the share, export, or directory.
For CIFS shares, you can use Windows Explorer to define user and group access to folders.
You can map network drives to CIFS shares in Windows, access iSCSI volumes in Windows,
and mount CIFS shares or NFS exports in Linux or UNIX.
You can access FTP/SFTP directories using the FTP/SFTP protocol.
•
You can establish Web Access to CIFS shares. This enables users to access data using any
supported Web browser. See “Editing shares” on page 123.
Note: Web Access is not available with LDAP Directory Services security.
•
You can establish Mobile Access to CIFS shares. This enables users to access data using
mobile devices, including iOS-based devices (such as iPhone and iPad) and Android phones.
See “Editing shares” on page 123.
You can specify details of the Mobile Service, such as adding another port for Mobile Access,
limiting how long users remain authenticated on mobile devices, limiting users to only one
mobile device, and limiting the types of mobile devices that can use Mobile Access. See
“Mobile Settings” on page 240.
You can enable, disable, and delete licenses for the Mobile Access service. See “Mobile
Licenses” on page 243.
•
You can enable and install the Nasuni Desktop Client for CIFS shares. This allows users to
access data using a simple portal interface on their own desktop. See step 19 on page 118.
Downloading, restoring, and bringing data into cache
You can select specific volumes, folders, and files. You can then download, restore, or bring the
selected data into the local cache of the Nasuni Filer.
•
You can browse to volumes, folders, and files (“Browsing a Volume” on page 72).
•
You can also search for data by folder or file name and date (“Searching for a Folder or File by
Name and Date” on page 77).
Nasuni Management Console Guide 7.9
7
Task Overview
Managing data
•
You can bring folders and files into the local cache of a Nasuni Filer (“Bringing Data into Cache
of the Nasuni Filer” on page 80). To view unprotected files in the cache, see “Unprotected Files”
on page 89.
•
You can download selected files (“Downloading Files” on page 87).
•
You can restore folders and files (“Restoring Files or a Folder from a Snapshot” on page 87).
Setting quotas on folders and volumes
You can set quotas on the size of folders and volumes (“Setting Quota or Rule” on page 85).
Sharing data between Nasuni Filers
You share data between Nasuni Filers by using volumes. If you do not already have a volume set up on
the source Nasuni Filer, you can create a new volume (“Create Volume” on page 64).
•
Before creating a new volume, ensure that you have the encryption keys you would like to use.
Nasuni recommends creating and uploading your own encryption keys (“Adding (importing or
uploading) encryption keys to Nasuni Filers” on page 210). Otherwise, you can specify
generating a new encryption key when you create the new volume. Nasuni also recommends
safeguarding your encryption keys yourself. You can download generated keys for safeguarding
(using the Nasuni Filer user interface). Alternatively, you can escrow encryption keys with Nasuni
(“Escrowing Encryption Keys with Nasuni” on page 212).
Note: If you use the Nasuni Management Console to create a volume on a Nasuni Filer,
and specify generating a new encryption key for that volume, that new encryption key is
generated on the Nasuni Filer, not on the Nasuni Management Console. The only way to
download a Nasuni Filer encryption key is by using the Nasuni Filer user interface.
•
To create a new volume on the Nasuni Filer, see “Create Volume” on page 64.
•
Volumes are not shared by default. First, you need to enable Remote Access for the volume that
is sharing data. You can specify Read/Write or Read-Only access for the Nasuni Filers that are
receiving data. See “Editing remote access settings” on page 148.
•
After the volume that is sharing data has Remote Access enabled, you connect the Nasuni Filers
that are receiving data to the volume that is sharing data. See “Connect (and Disconnect)
Volume” on page 68.
•
End users access the data through CIFS shares, NFS exports, or FTP/SFTP directories of the
destination volume. You define CIFS shares (“Adding a New CIFS Share to a Volume” on
page 107), NFS exports (“Adding an NFS Export to a Volume” on page 124), or FTP/SFTP
directories (“Adding FTP directories for a volume” on page 134) on the destination volume for
users to access. If you created a CIFS share, NFS export, or FTP/SFTP directory automatically
when you created a new volume, you can check and edit the settings for CIFS shares (“Editing a
CIFS Share” on page 120), NFS exports (“Editing an NFS Export” on page 127), or FTP/SFTP
directories (“Editing FTP directories” on page 139).
Nasuni Management Console Guide 7.9
8
Task Overview
Managing data
Adding data to volumes
There are several ways to add data to volumes.
•
The best way to initially load your data into a volume is by using the Data Migration Service. This
feature supports multiple sources and targets for migrations using CIFS or NFS protocols. You
can monitor data migrations from the Nasuni Management Console, but you must use the
Nasuni Filer user interface to configure data migrations. See “Viewing migrations” on page 236,
“Viewing migration sources” on page 238, and “Viewing migration schedules” on page 239.
•
You can access FTP/SFTP directories using the FTP/SFTP protocol.
•
You can access iSCSI volumes in Windows, OS X, and Linux. You can access CIFS shares from
Windows, OS X, and Linux. You can mount NFS exports in Linux or OS X. This enables users to
add data to volumes using the file management capabilities of Windows, Linux, and OS X
operating systems.
•
You can share data from other Nasuni Filers as described in “Sharing data between Nasuni
Filers” on page 8.
•
You can define Web Access to CIFS shares. This enables users to add data to volumes using
any supported Web browser. See “Editing shares” on page 123.
Note: Web Access is not available with LDAP Directory Services security.
•
You can define Mobile Access to CIFS shares. This enables users to add data to volumes using
mobile devices, including iOS-based devices (such as iPhone and iPad) and Android phones.
See “Editing shares” on page 123.
You can specify details of the Mobile Service, such as adding another port for Mobile Access,
limiting how long users remain authenticated on mobile devices, limiting users to only one
mobile device, and limiting the types of mobile devices that can use Mobile Access. See
“Mobile Settings” on page 240.
You can enable, disable, and delete licenses for the Mobile Access service. See “Mobile
Licenses” on page 243.
•
You can enable and install the Nasuni Desktop Client for CIFS shares. This allows users to
access data using a simple portal interface on their own desktop. See step 19 on page 118.
Protecting data
A snapshot is a complete picture of your volume at a specific point in time. Snapshots offer data
protection by enabling you to recover past versions of a file or to restore an entire file system. You can
select when and how frequently to perform snapshots. For example, you can configure snapshots to
occur only at night when network usage is low.
•
You can schedule snapshots for whenever suits your system best. See “Editing snapshot
schedules” on page 156.
•
You can also take snapshots manually at any time. See “Take Snapshot” on page 62.
•
For compliance purposes or your own best practices, you can specify to delete older snapshots
from cloud storage, based on a configured snapshot retention policy for a specific volume. See
“Editing snapshot retention settings” on page 153.
Nasuni Management Console Guide 7.9
9
Task Overview
Security
Managing volumes
The Nasuni Management Console offers many options for managing volumes. See “Volumes Page” on
page 49.
•
Volumes should have names that describe what data they contain and that users recognize.
You can change the name of a volume. See “Changing volume name” on page 135.
•
You can change the name of an iSCSI target. See “Editing iSCSI volumes” on page 126.
•
You can monitor file statistics. See “File Sizes in Snapshots” on page 48, “File Sizes in
Snapshots” on page 48, and “Data Growth chart” on page 45.
•
For CIFS and NFS volumes and FTP/SFTP directories, the volume quota (maximum capacity)
enables you to limit the amount of storage space for a volume, including snapshots, which helps
you to control your storage costs. You can change the volume quota. See “Quota” on page 141.
•
You can delete volumes that are no longer needed. See “Deleting a local volume” on page 61.
Security
Handling encryption keys
Encryption keys are used to encrypt your data in cloud storage. You can use the Nasuni Management
Console to manage encryption keys in several ways.
•
You can view encryption keys and their settings by volume (“Viewing encryption keys” on
page 131), by Nasuni Filer (“Viewing encryption keys on Nasuni Filers” on page 209), and on the
Nasuni Management Console (“Viewing encryption keys on the Nasuni Management Console”
on page 323).
•
Nasuni recommends creating and uploading your own encryption keys. You can upload
encryption keys to the Nasuni Management Console. See “Uploading (importing or adding)
encryption keys to the NMC” on page 324.
You can also upload encryption keys to specific Nasuni Filers. See “Adding (importing or
uploading) encryption keys to Nasuni Filers” on page 210.
Alternatively, you can specify generating a new encryption key when you create a new volume.
•
You can use specific uploaded encryption keys with specific volumes. As a first step, you can
send encryption keys that you uploaded on the NMC to the Nasuni Filers where those volumes
reside. See “Sending encryption keys to Nasuni Filers” on page 211.
The next step is to add specific encryption keys to specific volumes. See “Adding encryption
keys to a volume” on page 131.
The next step is to enable (or disable) specific encryption keys for specific volumes. See
“Enabling encryption keys for a volume” on page 132 or “Disabling encryption keys for a
volume” on page 133.
Nasuni Management Console Guide 7.9
10
Task Overview
•
Security
Nasuni recommends safeguarding your encryption keys yourself. You can download generated
keys for safeguarding (using the Nasuni Filer user interface). See “Downloading the NMC’s
generated encryption key” on page 325.
Note: You cannot download any Nasuni Filer encryption key from a Nasuni Management
Console, because the Nasuni Filer never transmits any encryption keys to a Nasuni
Management Console. The Nasuni Management Console is never in possession of any
encryption key generated by a Nasuni Filer. In particular, if you use the Nasuni
Management Console to create a volume on a Nasuni Filer, and specify generating a new
encryption key for that volume, that new encryption key is generated on the Nasuni Filer,
not on the Nasuni Management Console. The only way to download a Nasuni Filer
encryption key is by using the Nasuni Filer user interface.
Alternatively, you can escrow uploaded encryption keys with Nasuni. See “Escrowing
encryption keys with Nasuni” on page 326.
Note: All automatically-generated encryption keys are automatically escrowed with
Nasuni.
•
You can delete encryption keys that are not necessary for disaster recovery purposes. See
“Deleting Encryption Keys” on page 327.
Role-based access control
Rather than managing the permissions for performing tasks individually for each person, it is simpler to
create groups that have specific combinations of permissions, then assign users to the appropriate
groups. You can define users and groups of users, then assign specific permissions to each group. You
can define up to 150 users and 150 groups.
•
To control who can manage the Nasuni Management Console, you can assign users to either
the NMC Administrators group or to a new group that you create with the “Manage all aspects
of NMC (super user)” permission. See “Console Users and Groups” on page 342.
•
To control who can perform actions on the Nasuni Management Console, you can define users
and groups of users, then assign specific permissions. See “Console Users and Groups” on
page 342.
•
To control who can access specific Nasuni Filers, you can assign users to a new group that you
create for those Nasuni Filers. See “Console Users and Groups” on page 342.
•
To control who can access CIFS shares that have Active Directory or LDAP Directory Services
security, you can define users and groups of users, then assign specific permissions. See
“Editing shares” on page 123.
SSL certificates
The user interface of the Nasuni Management Console and the user interface of Nasuni Filers are Webbased. In order to secure these Web sites, SSL certificates or self-signed certificates are used.
•
You can view or add SSL certificates or a self-signed certificate that you can use when
accessing the Nasuni Management Console user interface. See “SSL Certificates” on page 329.
Nasuni Management Console Guide 7.9
11
Task Overview
•
Changing performance
You can view the SSL certificates or self-signed certificate that you use when accessing Nasuni
Filers. See “SSL Certificates” on page 282.
Antivirus protection
Nasuni offers the option of protecting data with antivirus scanning, and review of files flagged for
violations.
•
You can enable or disable the Antivirus Service. See “Editing Antivirus Service settings” on
page 162.
•
You can review antivirus violations. See “Reviewing antivirus violations” on page 165.
Firewall protection
You can limit which network hosts connect to the Nasuni Management Console user interface and the
Nasuni Support SSH port, which provides firewall protection. See “Firewall” on page 355.
Changing performance
There are a number of settings that can affect the performance of the system.
•
Quality of Service (QoS) settings specify the outbound bandwidth for moving snapshots from
the Nasuni Filer to cloud storage. Snapshots are slower during periods of lower bandwidth.
Local user read/write operations are not affected. Limiting the bandwidth of outbound data
between specific hours can help decrease network congestion. See “Quality of Service
(Bandwidth) Settings” on page 216.
•
On virtual platforms, you can change resources such as the number of cores applied to the
virtual machine as well as the contention for resources. See the Installing the Nasuni Filer on
Virtual Platforms document.
•
The cache is the local storage of the Nasuni Filer. All data and metadata that are accessed
regularly are kept locally in the cache. By default, the amount of local cache space reserved for
new writes is managed automatically, using an advanced algorithm to optimize cache usage.
However, you can override the amount of local cache space reserved for new writes in order to
suit your company’s workload. Reserving a large portion of the cache for new writes allows
snapshots to complete more rapidly, but reduces the amount of data that is kept locally.
Reserving a small portion of the cache for new writes allows keeping more data locally, but
increases the time for completing snapshots. See “Cache Settings” on page 190. To view
unprotected files in the cache, see “Unprotected Files” on page 89.
On virtual platforms, you can also increase the size of the cache. See the Installing the Nasuni
Filer on Virtual Platforms document.
•
Frequent snapshots increase the system load significantly. You can change when and how
frequently snapshots occur. See “Editing snapshot schedules” on page 156.
Nasuni Management Console Guide 7.9
12
Task Overview
•
Actions only available on the Nasuni Filer
Pinning a folder retaining a folder in the local cache at all times. This can improve performance
and reduce the time necessary to return accessed data to clients. See “Pinned Folders” on
page 136. To view unprotected files in the cache, see “Unprotected Files” on page 89.
Actions only available on the Nasuni Filer
There are certain actions that cannot be performed from within the Nasuni Management Console. You
must perform these actions using the specific Nasuni Filer’s user interface.
Affected item
Place Filer in NMC control
Data Migrations
Data Migration sources
Data Migration schedules
Active Directory domain
LDAP Directory Services
domain
Network
Firewall
SSL certificates
HTTPS proxy
On Nasuni Filer
Action: Menu
Enable: Services → Nasuni Management Console
Create, Delete: Services → View Migrations
Create, Delete: Services → Migration Sources
Schedule: Services → Migration Schedules
Join, Leave, Edit, View: Configuration → General Settings
Join, Leave, Edit, View: Configuration → General Settings
Edit: Configuration → Network Configuration
Charts, Status: Status → Network Status
Edit: Configuration → Firewall
Add, Delete, Set: Configuration → SSL Certificates
Edit: Configuration → HTTPS Proxy
Nasuni Management Console Guide 7.9
13
Chapter 3: Installing the Nasuni Management
Console
Overview
This chapter explains how to install the Nasuni Management Console on your network.
Note: There can be at most one Nasuni Management Console per account.
Requirements for the Nasuni Management Console
The minimum recommended virtual machine resources for running the Nasuni Management Console
are as follows:
Description
Supported virtual platforms.
Minimum disk space.
Minimum number of CPU cores.
Recommended memory.
Nasuni Management Console Guide 7.9
Value
VMware ESXi 5.0, 5.1, 5.5, and 6.0
Windows Server 2008 R2 SP1 Hyper-V
Windows Server 2012 Hyper-V
Microsoft Azure
Amazon EC2
16 GB
1
6 GiB
14
Installing the Nasuni Management Console
Requirements for the Nasuni Management Console
Initial, Recommended, and Minimum Memory
The memory allocation for a virtual machine platform (VM) is set and changed in the hypervisor. The
memory allocation that is first set is the "initial memory allocation".
The "recommended memory allocation" is a suggested amount of memory. If the VM has less than the
"recommended memory allocation", an alert informs the customer of the situation.
There is also a "minimum memory allocation". If the VM has less than the "minimum memory
allocation", then the software does not run.
Tip: For both the Nasuni Filer and the NMC, it might be necessary to increase the memory
allocation above the recommended memory allocation, depending on the workload.
For the Nasuni Filer, these values are:
•
Initial memory allocation: 8 GiB
•
Recommended memory allocation: 8 GiB
•
Minimum memory allocation: 4 GiB
Note: The document preview feature of Nasuni Web Access requires a minimum of 8 GiB
and version OS7 of the Nasuni Filer base operating system.
For the NMC, these values are:
•
Initial memory allocation: 6 GiB
•
Recommended memory allocation: 6 GiB
•
Minimum memory allocation: 2 GiB
Nasuni Management Console Guide 7.9
15
Installing the Nasuni Management Console
Downloading the Nasuni Management Console Software
Downloading the Nasuni Management Console Software
The Nasuni Management Console runs as a virtual appliance on your network and is distributed as a
downloadable image. You need to register on the Nasuni Web site for a user account and password to
access the download page.
To download the Nasuni Management Console software from the Nasuni Web site, follow these steps:
1. Using your Web browser, log in to your Nasuni account at https://account.nasuni.com/account/
Click Downloads. The Downloads page appears.
Figure 3-1: Download page.
2. Select the appropriate format for your virtual environment from these choices:
•
OVF FORMAT: OVF format is appropriate for VMware ESXi environments. The Nasuni
Management Console runs as a virtual machine on the VMware ESXi 5.0, 5.1, 5.5, and 6.0
virtual server platforms.
•
HYPER-V FORMAT: Hyper-V format is appropriate for Microsoft Hyper-V environments.
The Nasuni Management Console runs as a virtual machine on the Windows Server 2008 R2
SP1 and Windows Server 2012 Hyper-V virtual server platforms.
Note: There are two versions of the Microsoft Hyper-V software available: 2012 and pre2012 (2008 R2 SP1). Select the appropriate version for your Microsoft Hyper-V
environment.
3. Download the Nasuni Management Console software .zip file to a location on your local drive.
The amount of time to download the Nasuni Management Console software file depends on
your Internet connection. The file is approximately 300 MB in size.
4. Unzip the Nasuni Management Console software .zip file.
Nasuni Management Console Guide 7.9
16
Installing the Nasuni Management Console
Downloading the Nasuni Management Console Software
5. To Install the Nasuni Management Console into VMware ESXi, use the vSphere Client to deploy
the NasuniNMC.ovf OVF template file. Power on the new Nasuni Management Console virtual
machine. Click the Console tab.
Alternatively, to install the Nasuni Management Console into Microsoft Hyper-V, use the HyperV Manager to import the virtual machine. Start the new Nasuni Management Console virtual
machine. Right-click the Nasuni Management Console virtual machine, and select Connect
from the drop-down menu.
6. The Nasuni Management Console screen appears with a plain white bar on the bottom that
indicates the progress of the installation.
Figure 3-2: Nasuni Management Console installation progress screen.
7. After a few moments, the Nasuni Management Console console screen appears.
Figure 3-3: Nasuni Management Console console screen.
Nasuni Management Console Guide 7.9
17
Installing the Nasuni Management Console
Downloading the Nasuni Management Console Software
8. If DHCP is available on the network, make note of the IP address that appears on the console
screen.
If DHCP is not available, log into the console service screen by pressing Enter and signing in.
The default login username is service, and the default password is service. Enter
editnetwork. Enter the command: setall static. Enter a new IP address. Note the IP
address.
Note: For security, use the changepassword command to change the password for the
service console.
Note: For more information on console commands, see the Nasuni Filer Initial
Configuration Guide.
9. Make note of the initial IP address of your Nasuni Management Console.
Nasuni Management Console Guide 7.9
18
Installing the Nasuni Management Console
Connecting with the Nasuni Management Console
Connecting with the Nasuni Management Console
You should have an initial IP address from the installation of your Nasuni Management Console
software on a virtual machine. This IP address might be provided by the IT specialist who initially set up
the Nasuni Management Console software.
Open a Web browser and enter the IP address using this command:
https://<IP address>
where <IP address> is the IP address.
When you attempt to access the Nasuni Management Console Home page for the first time, a message
might appear indicating that the security certificate is not trusted. You can still access the Install Wizard
to proceed with the initial configuration procedure.
Continue with the next section, “SSL Security Certificate” on page 20.
Nasuni Management Console Guide 7.9
19
Installing the Nasuni Management Console
SSL Security Certificate
SSL Security Certificate
By default, the Nasuni Management Console is preloaded with a self-signed SSL certificate that is
unique to the Nasuni Management Console. For this reason, when you attempt to access the Nasuni
Management Console Home page for the first time, a message might appear indicating that the
security certificate is not trusted. You can still access the Install Wizard to proceed with the initial
configuration procedure.
Note: To add a new SSL certificate, see “SSL Certificates” on page 329.
Example using Mozilla Firefox
This is an example of what you might see using the Mozilla Firefox Web browser:
1. Open a Web browser and enter the IP address provided by the IT specialist who initially set up
the Nasuni Management Console. The “This Connection is Untrusted” page appears.
Figure 3-4: “This Connection is Untrusted” page.
2. Click “I Understand the Risks”. An expanded version of the “This Connection is Untrusted”
page appears.
Figure 3-5: “This Connection is Untrusted” page.
Nasuni Management Console Guide 7.9
20
Installing the Nasuni Management Console
SSL Security Certificate
3. Click Add Exception. The Add Security Exception dialog box appears.
Figure 3-6: Add Security Exception dialog box.
4. Click Get Certificate.
5. Click Confirm Security Exception.
6. Open a Web browser and enter the IP address again.
7. Continue with “Installing the Nasuni Management Console” on page 24.
Nasuni Management Console Guide 7.9
21
Installing the Nasuni Management Console
SSL Security Certificate
Example using Google Chrome
This is an example of what you might see using the Google Chrome Web browser:
1. Open a Web browser and enter the IP address provided by the IT specialist who initially set up
the Nasuni Management Console. The “Your connection is not private” page appears.
Figure 3-7: “Your connection is not private” page.
2. Click Advanced. The “Your connection is not private” Advanced pane appears.
Figure 3-8: “Your connection is not private” Advanced pane.
3. Click Proceed.
4. Continue with “Installing the Nasuni Management Console” on page 24.
Nasuni Management Console Guide 7.9
22
Installing the Nasuni Management Console
SSL Security Certificate
Example using Microsoft Internet Explorer
This is an example of what you might see using the Internet Explorer Web browser:
1. Open a Web browser and enter the IP address provided by the IT specialist who initially set up
the Nasuni Management Console. The “There is a problem with this website's security
certificate.” page appears.
Figure 3-9: “There is a problem with this website's security certificate.” page.
2. Click Continue to this website.
3. Continue with “Installing the Nasuni Management Console” on page 24.
Nasuni Management Console Guide 7.9
23
Installing the Nasuni Management Console
Installing the Nasuni Management Console
Installing the Nasuni Management Console
To install the Nasuni Management Console, follow these steps:
1. After you add a security certificate or proceed without adding a security certificate, the Install
Wizard — Network Configuration page appears.
Figure 3-10: Install Wizard — Network Configuration page.
a. In the Hostname or FQDN box, a default hostname for the Nasuni Management Console
appears. You can accept the default hostname or change it to a customized hostname. The
name that you enter is the name that you provide to users so they can access the Nasuni
Management Console. You can use ASCII letters a through z, digits 0 through 9, and
hyphens.
Note: The Nasuni Management Console attempts to register the hostname in the
DNS server, so that users can access this host by name.
Nasuni Management Console Guide 7.9
24
Installing the Nasuni Management Console
Installing the Nasuni Management Console
To change this name later, see “Networking” on page 356.
b. From the Network Type drop-down list, select either Static, DHCP, or DHCP with Custom
DNS.
c. In the Network Device Settings area, enter values depending on your choice of Network
Type:
•
DHCP (Dynamic Host Configuration Protocol) or DHCP with custom DNS: Provides a
network IP address for a host on an IP network automatically. The IP Address, Netmask,
Default Gateway, and MTU Value fields become unavailable.
•
Static: If you select Static as a source, you must provide Network Device Settings. See
your IT administrator for assistance.
•
Enter the static IP address in the IP Address text box.
•
Enter a netmask address in the Netmask text box.
•
Enter a default gateway address in the Default Gateway text box.
The gateway address must match a subnet of a defined static network.
•
Enter the MTU value in the MTU Value text box. MTU settings above 1500 are
supported.
The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol
data unit that the layer can pass onwards. A larger MTU brings greater efficiency,
because each packet carries more user data while protocol overheads, such as
headers, remain fixed; the resulting higher efficiency means a slight improvement in
the bulk protocol throughput. A larger MTU also means processing fewer packets for
the same amount of data. However, large packets can occupy a slow link for some
time, causing greater delays to following packets, and increasing lag and minimum
latency.
d. In the System Settings area, enter values depending on your choice of Network Type:
•
DHCP (Dynamic Host Configuration Protocol): The Search Domain, Primary DNS Server,
and Secondary DNS Server fields become unavailable.
•
Static or DHCP with custom DNS: If you select Static or DHCP with custom DNS as a
source, you must provide System Settings. See your IT administrator for assistance.
•
Enter one or more local search domains in the Search Domain text box. If you enter
multiple search domains, make sure you include a space between each entry. You
must enter valid hostnames.
You can use search domains to avoid typing the complete address of domains that
you use frequently. The search domains that you enter are automatically appended
to names that you specify for purposes such as Active Directory configuration, data
migration sources, HTTPS proxy, and NTP server. For example, if you specify the
search domain “mycompany.com”, then typing “server1” for one of these purposes
would connect to “server1.mycompany.com”.
Note: There are no search domains for LDAP Directory Services.
•
Enter the IP address for your primary DNS server in the Primary DNS server text
box. You must enter a valid hostname or IP address.
Nasuni Management Console Guide 7.9
25
Installing the Nasuni Management Console
•
Installing the Nasuni Management Console
Enter the IP address for your secondary DNS server in the Secondary DNS server
text box (if applicable). You must enter a valid hostname or IP address.
e. Click Continue to proceed.
2. The Install Wizard — Proxy Network Configuration page appears.
Figure 3-11: Install Wizard — Proxy Network Configuration page.
a. To enable proxy support, click Proxy Support: On (enabled) or Off (disabled).
b. In the Proxy Server text box, enter the hostname or IP address of a host running an HTTPS
proxy.
c. In the Port text box, enter the port number used by the HTTPS proxy server.
d. Optionally, enter a valid username (case-sensitive) for the proxy server in the User Name text
box and the password (case-sensitive) in the Password text box.
e. Optionally, in the Do Not Proxy text box, enter a list of hostnames or IP addresses not to
proxy (one per line).
f.
Click Continue. To return to the previous page to change parameters, click Back.
Nasuni Management Console Guide 7.9
26
Installing the Nasuni Management Console
Installing the Nasuni Management Console
3. The Install Wizard — Review Network Settings page appears.
Figure 3-12: Install Wizard — Review Network Settings page.
To accept the network settings, click Continue. return to the previous page to change
parameters, click Back.
4. The Reconfiguring Network Settings page appears.
Figure 3-13: Configuring Network Settings page.
5. If a more recent version of the NMC software is available, a page appears to notify you. Click
Continue. A second page appears to notify you of the progress of the software update.
Nasuni Management Console Guide 7.9
27
Installing the Nasuni Management Console
Installing the Nasuni Management Console
6. The Install Wizard — Terms of Service and License Agreement page appears.
Figure 3-14: Install Wizard — Terms of Service and License Agreement page.
You can print or download a copy of the Terms of Service and License Agreement by clicking
the appropriate button.
Select “I accept the Terms of Service”, then click Continue.
Nasuni Management Console Guide 7.9
28
Installing the Nasuni Management Console
Installing the Nasuni Management Console
7. The Install Wizard — Authorization page appears.
Figure 3-15: Install Wizard — Authorization page.
Enter the NMC Serial Number and Authorization code, found under the Account section of
www.nasuni.com. Click Continue to proceed.
Note: If you reuse an NMC Serial Number for a previously existing Nasuni Management
Console, you are asked if you want to perform a disaster recovery procedure on that
Nasuni Management Console. For details, see “Disaster Recovery” on page 369.
8. The Install Wizard — Confirm New NMC Install page appears.
Figure 3-16: Install Wizard — Confirm New NMC Install page.
To add the new Nasuni Management Console, type the words “Install New NMC” (without
the quotation marks) in the Confirmation text box, then click Continue.
Nasuni Management Console Guide 7.9
29
Installing the Nasuni Management Console
Installing the Nasuni Management Console
9. The Install Wizard — Create Admin User page appears.
Figure 3-17: Install Wizard — Create Admin User page.
Create a Username (case-sensitive) and a Password (case-sensitive) for the administrative
user of this Nasuni Management Console. An indicator of password strength appears. Although
password strength is not enforced, you should use strong passwords. This user automatically
becomes a member of the NMC Administrators group (see “Console Users and Groups” on
page 342). Click Continue.
10. This completes the Install Wizard. The Setup Almost Complete page appears.
Figure 3-18: Setup Almost Complete page.
Follow instructions on this page for placing Nasuni Filers under the control of the Nasuni
Management Console. Click Check for Managed Filers.
Continue with “Logging in to the Nasuni Management Console” on page 31.
Nasuni Management Console Guide 7.9
30
Chapter 4: Login Page
The Nasuni Management Console user interface presents you with a Login page, where you log in
using the username and password for the administrative user.
You can log in and access the Nasuni Management Console user interface from any computer running
a supported Web browser, including Mozilla Firefox, Microsoft Internet Explorer, Apple Safari, and
Google Chrome.
At the top of the Login page, you can access online help (see “Viewing the Nasuni Management
Console Help” on page 35). You can also power down the system, if necessary (see “Powering Down
and Rebooting the Nasuni Management Console” on page 37).
Logging in to the Nasuni Management Console
After the Nasuni Management Console has been installed and registered on your network, you can log
in to the Web-based Nasuni Management Console user interface from any computer running a
supported Web browser, and perform management functions on Nasuni Filers.
See “Installing the Nasuni Management Console” for details about installing the product.
To log in to the Nasuni Management Console, follow these steps:
1. Using your Web browser, open the specified IP address for the Nasuni Management Console
Home page. The IP address is provided during installation (see “Connecting with the Nasuni
Management Console” on page 19). The Nasuni Management Console Login page appears.
Figure 4-1: Nasuni Management Console Login page.
Nasuni Management Console Guide 7.9
31
Login Page
Logging in to the Nasuni Management Console
2. Type the username (case-sensitive) of the administrative user in the Username text box. The
administrative user account was set up in step 9 of “Installing the Nasuni Management
Console” on page 24.
3. Type the password (case-sensitive) of the administrative user in the Password text box.
Warning: Too many unsuccessful login attempts disable the login for 5 minutes. If
this happens, wait 5 minutes, then log in with a correct username and password.
Tip: If you forget the password for the administrative user, see “Resetting Administrative
Account (Forgot password?)” on page 33.
4. Click Login.
•
After you log in, the Nasuni Management Console Home page appears. See “Home Page”
on page 42 for details on the features of this page.
•
After you log in, you can change the password, as detailed in “Changing Password” on
page 38.
Nasuni Management Console Guide 7.9
32
Login Page
Resetting Administrative Account (Forgot password?)
Resetting Administrative Account (Forgot password?)
If you have lost the password for the administrative account, this feature resets the administrative
account information for the Nasuni Management Console. No data is deleted and no configurations are
changed.
Note: This procedure does not deauthorize the Nasuni.com account, just the Nasuni
Management Console administrative account, which is independent of the Nasuni.com
account and specific to the Nasuni Management Console.
Important: For this procedure, you need the NMC Serial Number and Authorization code for
this Nasuni Management Console, found at https://account.nasuni.com/account/
serial_numbers/.
To reset the administrative account, follow these steps:
1. Click Forgot password? at the bottom of the Login page. The Reset Account page appears.
Figure 4-2: Reset Account page.
2. In the Nasuni Service Authorization area, enter the NMC Serial Number and Authorization
code for this Nasuni Management Console, found at https://account.nasuni.com/
account/serial_numbers/.
Note: If you do not have the credentials for www.nasuni.com, you can perform a
password reset or contact Nasuni Technical Support.
Nasuni Management Console Guide 7.9
33
Login Page
Viewing the Nasuni Management Console Help
3. In the New Administrative Account area, create a Username (case-sensitive) and a Password
(case-sensitive). An indicator of password strength appears. Password strength is enforced for
this action. You should use strong passwords.
4. Click Continue. The Nasuni Management Console user interface appears.
Viewing the Nasuni Management Console Help
The Nasuni Management Console Help is available at the top of the Login page.
Click Help to display the Help menu. Links to the following information are available:
•
Link to Nasuni Management Console and Nasuni Filer documentation.
•
Nasuni Management Console Release Notes.
•
Link to Nasuni Terms of Service.
•
Link to Privacy policy.
•
Link to Service Level Agreement.
•
Contact information for Nasuni Technical Support and Sales.
Nasuni Management Console Guide 7.9
34
Chapter 5: Common Screen Elements
Several elements appear on all pages of the Nasuni Management Console user interface.
Username
In the navigation bar at the top of all pages, the name of the user who is logged in appears, along with
the time zone used for all displays.
Figure 5-1: Username logged in.
Navigation Bar Functions
The navigation bar of the Nasuni Management Console user interface displays the following standard
options:
•
Help.
•
Power
•
Change Password of the administrative user (under username).
•
Logout (under username).
.
Viewing the Nasuni Management Console Help
The Nasuni Management Console Help is available on the navigation bar at the top of all pages.
Click Help to display the Help menu. Links to the following information are available:
•
Link to Nasuni Management Console and Nasuni Filer documentation.
•
Nasuni Management Console Release Notes.
•
Link to Nasuni Terms of Service.
•
Link to Privacy policy.
•
Link to Service Level Agreement.
•
Contact information for Nasuni Technical Support and Sales.
Nasuni Management Console Guide 7.9
35
Common Screen Elements
Navigation Bar Functions
Viewing the Nasuni Management Console Release Notes
Release Notes contain the latest information about the latest version of the Nasuni Management
Console, as well as previous versions.
To view release notes, follow these steps:
1. Click Help on the navigation bar at the top of the page, then select Release Notes from the
menu. A dialog box appears with the latest release notes.
Figure 5-2: Release Notes dialog box.
2. Scroll down to review information about the Nasuni Management Console software release.
3. To close the release notes dialog box, click Close, or press the Esc key, or click the x at the top
of the dialog box.
Note: To ensure that you see the latest release notes, reload the page or refresh your
browser’s cache.
Nasuni Management Console Guide 7.9
36
Common Screen Elements
Navigation Bar Functions
Powering Down and Rebooting the Nasuni Management Console
The Power option is located on the navigation bar at the top of all pages. When you power down the
Nasuni Management Console, the user is disconnected from the system. You can choose to shut down
the Nasuni Management Console immediately, or to shut down the Nasuni Management Console and
then reboot the Nasuni Management Console immediately. While the Nasuni Management Console is
off, you can still disconnect Nasuni Filers from the Nasuni Management Console to manage them; all
the data on the Nasuni Filers is fully accessible
Note: When a reboot is requested, a notification is logged that the reboot was requested and
by whom the reboot was requested.
To power down the Nasuni Management Console, follow these steps:
1. Click Power
box appears.
on the navigation bar at the top of the page. The Shutdown/Reboot dialog
Figure 5-3: Shutdown/Reboot dialog box.
Note: To exit and return to the previous page, click the x at the top of the page, or click
Cancel.
2. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
3. In the Action area, to shut down the Nasuni Management Console immediately without
rebooting, select Shutdown immediately. Otherwise, to shut down the Nasuni Management
Console and then reboot the Nasuni Management Console immediately, select Reboot
immediately.
4. Click Shutdown.
The message “The system is shutting down. Click here to cancel the shutdown.” appears at the
top of the Home page.
5. To stop the shutdown, click the hyperlink marked “here”. You have 60 seconds to cancel the
shutdown.
The message “Shutdown cancelled at user request.” appears at the top of the Home page.
The shutdown stops.
Nasuni Management Console Guide 7.9
37
Common Screen Elements
Navigation Bar Functions
6. If you do not stop the shutdown, the Nasuni Management Console shuts down.
On the console, a series of shutdown messages appears, and the console automatically closes
down.
To restart, you can power on the Nasuni Management Console from your platform.
If you selected Reboot immediately, the Nasuni Management Console reboots immediately.
Changing Password
You can change the password for the Nasuni Management Console administrative account. The
Change Password option is available by clicking the user name on the navigation bar at the top of all
pages.
Note: Changes to the password of the administrative user are propagated to all Nasuni Filers
that are under the control of the Nasuni Management Console.
To change the password, follow these steps:
1. Click the user name on the navigation bar at the top of the page, then click Change Password
from the menu. The Change Password page appears.
Figure 5-4: Change Password page.
2. Enter the current password (case-sensitive) in the Old Password text box.
3. Enter the new password (case-sensitive) in the New Password text box. An indicator of
password strength appears. Password strength is enforced for this action. You should use
strong passwords.
4. Enter the new password (case-sensitive) again in the Password confirmation text box.
5. Click Save New Password.
The Home page appears and the message “Successfully updated user.” is displayed.
Nasuni Management Console Guide 7.9
38
Common Screen Elements
Other screen elements
Logging Out of the Nasuni Management Console
Logging out of the Nasuni Management Console does not affect any system operations such as
snapshots or file sharing access.
The Nasuni Management Console automatically logs off after 60 minutes of inactivity.
To log out, follow these steps:
1. Click the user name on the navigation bar at the top of the page, then click Logout.
You are logged out of the Nasuni Management Console.
2. The Login page appears. You can log back in when needed, as detailed in “Logging in to the
Nasuni Management Console” on page 31.
Other screen elements
Pop-up Software Update Notifications
If a new software update is available, a pop-up notification appears in the right margin. For example:
Figure 5-5: Software update notification.
You can acknowledge this notification by clicking the x. To clear notifications, see “Deleting
Notifications” on page 367.
You can update the Nasuni Management Console software from the hyperlink. See “Software Update”
on page 360 for more details.
Note: Nasuni does not recommend applying software updates during your normal business
hours, because this can disrupt access. Apply software updates during off-hours.
Search text box
If you cannot remember where a particular page of the Nasuni Management Console is located, you
can use the Search text box at the upper right to search for any text in a page title.
Figure 5-6: Search text box.
For example, searching for “CIFS” displays these pages.
Nasuni Management Console Guide 7.9
39
Common Screen Elements
Other screen elements
Time zone selection
You can specify the time zone of all times displayed, including charts that display a date, notifications,
volumes, File Browser, versions, migration schedules, mobile licenses, pending updates, and account
status.
To specify a particular time zone for all displays, select the time zone by first clicking on the “Dates in”
area in the upper left.
Figure 5-7: “Dates in” area.
The Displayed Time Zone dialog box appears.
Figure 5-8: Displayed Time Zone dialog box.
Select a specific time zone from the Time Zone drop-down list, then click Submit.
Alternatively, to use the time zone of the Nasuni Management Console, click Use NMC Time Zone.
Notifications
You can access notifications using the megaphone-shaped Notifications icon at the top right.
Figure 5-9: Notifications icon.
A number on the Notifications icon indicates the number of new, unacknowledged, urgent
notifications that require acknowledgment.
Figure 5-10: Number of new notifications.
Nasuni Management Console Guide 7.9
40
Common Screen Elements
Other screen elements
To view notifications, click the Notifications icon. The Notifications pane appears.
Figure 5-11: Notifications pane.
Urgent notifications that require acknowledgment appear on the Notifications pane, based on the
state of your system. A number to the right of a notification indicates multiple occurrences of the same
notification. You can acknowledge a notification by clicking the x. To acknowledge all the urgent
notifications, click Acknowledge All.
To view all notifications, click View all Notifications. For details on notifications, see Chapter 11,
“Notifications,” on page 364.
Sorting lists
You can sort many lists of information alphabetically, numerically, or chronologically. To sort, click on
the heading of each column. To sort in the opposite direction, click on the heading of the column again.
Action status
On pages where you can perform actions, a Status column shows the status of the last action
performed. If the action is completed, a checkmark
appears. If the action is not completed, a
rotating circle
appears. If there is a problem with the attempted action, a caution symbol
appears. Hover the mouse over the symbol for more information.
Nasuni Management Console Guide 7.9
41
Chapter 6: Home Page
The Nasuni Management Console Home page looks like this.
Figure 6-1: Home page.
The Home page appears after you log in to the Nasuni Management Console. The Home page displays
a dashboard with details about the state of the Nasuni Management Console and the Nasuni Filers it
manages.
Nasuni Management Console Guide 7.9
42
Home Page
System Health
The Home page also offers links to the Volumes, Filers, Account Status, Console Settings, and
Notifications pages. Additional information appears on these pages and the menus and items they
contain.
You can return to the Home page at any time by clicking the Nasuni logo in the top left corner.
System Health
In the System Health area, the following information appears:
•
Number of Nasuni Filers offline (if any) and online. Clicking Filers offline opens the Filers page.
For details, see “Filers page” on page 176.
Note: If a Nasuni Filer goes offline, an email alert is sent, if configured.
•
Number of antivirus violations. Clicking antivirus violations opens the Antivirus Violations
page. For details, see “Antivirus Violations” on page 164.
•
Number of pending notifications. Clicking pending notifications opens the Notifications page.
For details, see “Notifications” on page 364.
•
Number of currently available NMC software updates. Clicking NMC update available opens
the Software Update Available page. For details, see “Automatic Software Updates” on
page 289.
•
Number of currently available Nasuni Filer software updates. Clicking Filer updates available
opens the Filer Software Updates page. For details, see “Automatic Software Updates” on
page 188.
•
Number of volumes available. Clicking volumes available opens the Volumes page. For details,
see “Volumes page” on page 50.
•
Number of setting sync errors, namely, requested changes to Nasuni Filers that have failed for
some reason. Clicking setting sync errors opens the Outstanding Settings Updates Filers
page. For details, see “Sync Schedule” on page 157.
Hardware Health
In the Hardware Health area, the following information appears:
•
Status of power supply. If the status is Alert, you should investigate the situation.
•
Status of RAID batteries. Clicking RAID batteries opens the Filer Platform/Hardware Settings
page. For details, see “Platform Settings” on page 267. If the status is Alert, you should
investigate the situation.
•
Status of RAID arrays. Clicking RAID arrays opens the Filer Platform/Hardware Settings
page. For details, see “Platform Settings” on page 267. If the status is Alert, you should
investigate the situation.
•
Status of RAID disks. Clicking RAID disk error opens the Filer Platform/Hardware Settings
page. For details, see “Platform Settings” on page 267. If the status is Alert, you should
investigate the situation.
Nasuni Management Console Guide 7.9
43
Home Page
Account
Account
The date that the current subscription license or trial license expires. Clicking valid through opens the
Account Status page. For details, see “Account Status” on page 283.
Volumes Managed
In the Volumes Managed area, the following information appears:
•
Total number of volumes managed. Clicking Volumes Managed opens the Volumes page. For
details, see “Volumes page” on page 50.
•
Number of CIFS shares. Clicking CIFS Shares opens the Shares page. For details, see
“Shares” on page 110.
•
Number of NFS exports. Clicking NFS Exports opens the Exports page. For details, see
“Exports” on page 91.
•
Number of FTP/SFTP directories. Clicking FTP Directories opens the FTP Directories page.
For details, see “FTP Directories” on page 100.
•
Number of iSCSI volumes. Clicking iSCSI Volumes opens the Volume iSCSI Settings page.
For details, see “iSCSI” on page 125.
Filers Managed
In the Filers Managed area, the following information appears:
•
Total number of Nasuni Filers managed. Clicking Filers Managed opens the Filers page. For
details, see “Filers page” on page 176.
•
Number of unmanaged Nasuni Filers. Clicking Unmanaged opens the Filers page. For details,
see “Filers page” on page 176.
Capacity
In the Capacity area, the following information appears:
•
Total amount of Accessible Capacity.
•
Amount of Licensed Capacity.
Note: If the licensed capacity is exceeded, you can still store more data temporarily. If
your total stored data nears or exceeds your licensed capacity, you receive warnings to
increase your licensed capacity.
•
Percentage of Licensed Capacity used.
•
Amount of capacity not yet protected.
Nasuni Management Console Guide 7.9
44
Home Page
Migrations
Migrations
In the Migrations area, the following information appears:
•
Number of running migrations.
•
Number of completed migrations. Clicking Completed opens the Data Migrations page. For
details, see “Migrations” on page 236.
•
Number of scheduled migrations. Clicking Scheduled opens the Data Migration Schedules
page. For details, see “Migration Schedules” on page 239.
•
Number of failed migrations. Clicking Failed opens the Data Migrations page. For details, see
“Migrations” on page 236.
Data Growth chart
A chart of Data Growth appears on the Home page.
Figure 6-2: Data Growth chart.
This shows the amount of Licensed data and the amount of Accessible data on the vertical axis versus
time along the horizontal axis. Accessible data includes data already protected in the cloud, as well as
data in the cache that is not yet protected. If the customer license includes private cloud providers, and
if the amount of data stored with private cloud providers is greater than zero, the Cloud Usage data is
also available. The amount of data is shown in units such as MB, GB, and TB. The length of time is
shown by year and month.
To select or unselect accessible data, click Accessible Data. To select or unselect licensed data, click
Licensed Data.
If you hover the mouse over any part of the chart, a label appears displaying details about the amount
of data at that date and time.
Figure 6-3: Details of data and time on Data Growth chart.
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
Nasuni Management Console Guide 7.9
45
Home Page
Network Traffic
Network Traffic
A chart of the Network Traffic of the Nasuni Filers appears on the Home page.
Figure 6-4: Network Traffic chart.
Note: A more detailed chart of network traffic appears on the Filers page. See “Network
Traffic” on page 178.
This chart shows, for the most recent 24 hours, the rate of data received from cloud storage (Cloud
Received) and the rate of data transmitted to cloud storage (Cloud Transmit) along the vertical axis, in
units of bits/second, Kbits/second, or Mbits/second, depending on throughput. Time of day (UTC) is
along the horizontal axis.
On the Network Traffic chart, you can select which network activity to include or exclude by clicking
Cloud Transmit (for data transmitted to the cloud) or Cloud Receive (for data received from the cloud).
If you hover the mouse over any part of the chart, a label appears displaying details about the amount
of network activity at that date and time.
Figure 6-5: Details of network traffic and time on Network Traffic chart.
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
Nasuni Management Console Guide 7.9
46
Home Page
File Types Written
File Types Written
The File Types Written pie chart displays a comparison of the number of files of each file type written
to Nasuni Filers.
Figure 6-6: File Types Written chart.
The size of each pie slice represents the percentage of all the files written of that file type. If you hover
the mouse over one of the slices, it displays the name of the file type and the number of files of that file
type.
The File Types Written table displays the number of files written to Nasuni Filers for each file
extension.
Figure 6-7: File Types Written table.
The following information appears for each file type:
•
Ext.: The extension of the file.
•
Category: The type of file, such as Audio, Text, Raster Image, or Video.
•
Count: The total number of files with that file extension on Nasuni Filers.
•
Size: The total size of files with that file extension on Nasuni Filers.
Nasuni Management Console Guide 7.9
47
Home Page
File Sizes in Snapshots
File Sizes in Snapshots
The File Sizes in Snapshots bar chart displays the number of files in snapshots in each size category.
Figure 6-8: File Sizes in Snapshots bar chart.
The size of the files is along the vertical axis and the number of files in each size category is along the
horizontal axis on a logarithmic scale. If you hover the mouse over one of the bars, it displays the name
of the size category and the number of files in that category.
The File Sizes in Snapshots table displays the number of files in snapshots in each size category.
Figure 6-9: File Sizes in Snapshots table.
The following information appears for each file size:
•
Max Size: The maximum size of a file in that size category.
•
Count: The total number of files in that size category.
Nasuni Management Console Guide 7.9
48
Chapter 7: Volumes Page
On the Volumes page, you can view, delete, disconnect, and take snapshots of volumes.
From the Volumes page, you can also perform the following actions:
•
Create a new volume.
•
Create, view, and edit connections between volumes.
•
View, download, and bring into cache volumes and files.
•
Pinning folders in the cache.
•
Enabling Auto Cache for folders.
•
View unprotected files currently in the cache of a volume.
•
Create, view, edit, and delete NFS exports.
•
Create, view, edit, and delete FTP/SFTP directories.
•
Create, view, edit, and delete CIFS shares.
•
View and edit iSCSI volumes.
•
View and edit Auto Cached folders.
•
View and edit volume encryption key information.
•
View and edit volume names.
•
View and edit folder pinning settings.
•
View and edit volume protocols.
•
View and edit volume quotas.
•
View and edit volume remote access settings.
•
View and edit volume snapshot directory access.
•
View and edit volume snapshot retention settings.
•
View and edit volume snapshot schedule.
•
View and edit volume sync schedule.
•
View and edit volume Antivirus Service settings.
•
View antivirus violations, and ignore or delete flagged files.
•
View and configure file auditing.
•
View and edit volume File Alert Service settings.
Nasuni Management Console Guide 7.9
49
Volumes Page
Volumes page
Volumes page
Click Volumes. The Volumes page displays a dashboard of volume information and a list of all
managed volumes.
Figure 7-1: Volumes page.
Volumes Managed
In the Volumes Managed area, the following information appears:
•
Total number of Volumes Managed.
Note: Shared volumes that are not managed by the Nasuni Management Console might
not display or total correctly.
•
Number of Multisite Volumes, namely, volumes that have Remote Access enabled. Clicking
Multisite Volumes opens the Volume Remote Access Setting page. For details, see “Remote
Access” on page 147.
Nasuni Management Console Guide 7.9
50
Volumes Page
•
Volumes page
Number of Multisite Connections, namely, the volumes that are accessing volumes with Remote
Access enabled. Clicking Multisite Connections opens the Remotely Accessible Volumes
page. For details, see “Connect (and Disconnect) Volume” on page 68.
Unified Storage Access Points
In the Unified Storage Access Points area, the following information appears:
•
Total number of Unified Storage Access Points, including CIFS shares, NFS exports, FTP/SFTP
directories, and iSCSI volumes.
•
Number of CIFS Shares. Clicking CIFS Shares opens the Shares page. For details, see
“Shares” on page 110.
•
Number of NFS Exports. Clicking NFS Exports opens the Exports page. For details, see
“Exports” on page 91.
•
Number of FTP Directories. Clicking FTP Directories opens the FTP Directories page. For
details, see “FTP Directories” on page 100.
•
Number of iSCSI Volumes. Clicking iSCSI Volumes opens the Volume iSCSI Settings page.
For details, see “iSCSI” on page 125.
HTTPS Access Points
In the HTTPS Access Points area, the following information appears:
•
Total number of HTTPS Access Points, including Web Access points, Mobile Access points,
and Nasuni Desktop Client access points.
•
Number of Web Access Points. Clicking Web Access Points opens the Shares page, where
you can enable or disable Web Access for CIFS shares. For details, see “Editing shares” on
page 123.
•
Number of Mobile Access Points. Clicking Mobile Access Points opens the Shares page,
where you can enable or disable Mobile Access for CIFS shares. For details, see “Editing
shares” on page 123.
•
Number of Mobile Connections. Clicking Mobile Connections opens the Mobile Licenses
page, where you can enable or disable individual Mobile Access licenses. For details, see
“Mobile Licenses” on page 243.
Volume Health
In the Volume Health area, the following information appears:
•
Number of antivirus violations. Clicking antivirus violations opens the Antivirus Violations
page. For details, see “Antivirus Violations” on page 164.
•
Number of volumes available. Clicking volumes available opens the Volumes page. For
details, see “Volumes page” on page 50.
Nasuni Management Console Guide 7.9
51
Volumes Page
•
Volumes page
Number of setting sync errors, namely, requested changes to Nasuni Filers that have failed for
some reason. Clicking setting sync errors opens the Outstanding Settings Updates To Filers
page. For details, see “Pending Updates” on page 266.
Data Not Yet Protected chart
On the Volumes page, the Data Not Yet Protected chart appears.
Figure 7-2: Data Not Yet Protected chart.
Horizontal bars represent the amount of data not yet protected in all Nasuni Filers or in volumes on a
specific Nasuni Filer. From the drop-down list, select one of the following choices:
•
All Filers: Displays a bar graph of the amount of data not yet protected on each of the Nasuni
Filers under the control of the Nasuni Management Console. The Nasuni Filers appear in order
of decreasing amount of data not yet protected.
•
specific Nasuni Filer: Displays a bar graph of the amount of data not yet protected on each of
the volumes on the selected Nasuni Filer. The volumes are in alphabetical order.
If you hover the mouse over one of the bars, a label appears displaying details about the amount of
data not yet protected in that Nasuni Filer or volume.
Figure 7-3: Mouse hover over bar.
If there are any antivirus violations that are not yet protected, the total of antivirus violations is
displayed.
Nasuni Management Console Guide 7.9
52
Volumes Page
Volumes page
Data Growth chart
On the Volumes page, the Data Growth chart appears.
Figure 7-4: Data Growth chart.
The amount of data in all volumes or in a specific volume is graphed vertically vs. time horizontally.
From the drop-down list, select one of the following choices:
•
All Volumes: Displays a graph of the total amount of data in all volumes vs. time.
•
specific volume: Displays a graph of the amount of data in the selected volume vs. time.
If you select Accessible Data, the graph shows the actual data that is stored and available to access
vs. time. Accessible data includes data already protected in the cloud, as well as data in the cache that
is not yet protected. If you select Licensed, the graph shows the amount of licensed storage space vs.
time. If the customer license includes private cloud providers, and if the amount of data stored with
private cloud providers is greater than zero, the Cloud Usage data is also available.
If you hover the mouse over one of the chart areas, a label appears displaying details about the amount
of data at that date at that time.
Figure 7-5: Mouse hover over chart.
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
Nasuni Management Console Guide 7.9
53
Volumes Page
Volumes page
Volume List
The Volume List appears on the Volumes page.
Figure 7-6: Volume List.
The following properties appear for each volume in the list of volumes:
Tip: Click the right-facing arrow beside each volume to reveal the volumes connected to
remotely accessible volumes.
•
Name: The name of the volume. For local volumes, you can edit this name and change it to a
customized name, if needed. See “Name of volume” on page 134 for details.
Tip: Click the name of the volume to view the Volume Details page for that volume. See
“Volume details” on page 56.
Under each volume name:
•
LUN Size (iSCSI volumes only): The amount of storage used for the volume, not including
snapshots. For details, see “iSCSI” on page 125.
•
Remote Access status (CIFS and NFS volumes and FTP/SFTP directories only): The
setting of remote access to this volume: Remotely Accessible, if the volume is remotely
accessible. See “Editing remote access settings” on page 148 for details.
Note: iSCSI volumes are never remotely accessible.
•
•
Permissions (local volumes connected to remote volumes only): The current permissions
for the remote volume: Read-Only or Read/Write. Local volumes that are connected to
remote volumes appear in a list under the remote volume.
•
Pinned: Indicates whether the entire volume, namely, the root folder of the volume, is
pinned in the cache: Pinned, if volume folder is pinned. You can pin the volume folder to the
cache as detailed in “Pinned Folders” on page 136. To view unprotected files in the cache,
see “Unprotected Files” on page 89.
•
Security Mode (CIFS volumes only): The security mode of the CIFS volume: Active
Directory, LDAP Directory Services, Publicly Available, or Unknown.
Filer: The name of the Nasuni Filer that the volume is on. For details, see “Filer Details page” on
page 181.
Nasuni Management Console Guide 7.9
54
Volumes Page
•
Protocol: The protocol of the volume: CIFS, NFS, FTP, or iSCSI.
•
•
Volumes page
Number of shares (CIFS), exports (NFS), or directories (FTP): For CIFS volumes, the total
number of shares. For details, see “Shares” on page 110. For NFS volumes, the total
number of exports. For details, see “Exports” on page 91. For FTP/SFTP directories, the
total number of FTP/SFTP directories. For details, see “FTP Directories” on page 100
Accessible Data: Accessible Data includes data already protected in the cloud, as well as data
in the cache that is not yet protected.
•
not yet protected: The amount of data not yet protected.
•
Last Snapshot: Date and time of the last snapshot, or “No snapshots” if there are no
snapshots.
If a snapshot is in progress and has not completed, the label “In progress” displays, along with
the percentage of the snapshot completed.
•
Actions: Actions available for each managed volume.
•
To initiate a snapshot, click Take Snapshot
Nasuni Management Console Guide 7.9
. A snapshot is initiated for the volume.
55
Volumes Page
Volumes page
Volume details
In the Volume List, clicking the volume name opens the Volume Details page.
Figure 7-7: Volume Details page.
The Volume Details page displays a summary of information about the volume:
Data Growth chart:
The amount of data in the volume is graphed vertically vs. time horizontally. If you select
Accessible Data, the graph shows the actual data that is stored and available to access vs.
time. Accessible data includes data already protected in the cloud, as well as data in the
cache that is not yet protected. If you select Licensed, the graph shows the amount of
licensed storage space vs. time. If you hover the mouse over one of the chart areas, a label
appears displaying details about the amount of data at that date at that time.
Figure 7-8: Mouse hover over chart.
Note: If remote volumes have different values, the overall value displays “Varies”.
Nasuni Management Console Guide 7.9
56
Volumes Page
Volumes page
To zoom in on a specific range of displayed data, click the chart at the high end of the range
you want, then drag to the low end of the range you want, then release. The chart rescales
to zoom in on the selected range.
To reset the zoom to the default display, click Reset zoom.
In the Settings area:
•
Name: The name of the local volume, or the local name of the remote volume. Clicking the
name opens the Volume Name page, with the Volume Name Settings dialog box selected.
For details, see “Name of volume” on page 134.
•
Protocols: The protocols used for the volume: CIFS, NFS, or FTP. Clicking the protocol
opens the Volume Protocols page, with the Volume Protocol Settings dialog box
selected.
•
Permissions Policy: (Not visible on remote volumes.) If multiple protocols are enabled, the
selected permissions policy for the protocols, from the following:
UNIX/NFS Permissions Only Mode: Default mode for NFS volumes. Recommended for
primary or heavy NFS use. Not recommended for Windows users. Only the traditional UNIX
mode bits control permissions (chmod). Windows can view permissions as access control
lists (ACLs), but cannot add or remove access control entries (ACEs). Windows CIFS users
can change permissions using the Security tab of the Windows Properties dialog box.
NTFS Compatible Mode: Default mode for CIFS volumes on Nasuni Filers joined to Active
Directory. Recommended for volumes with only CIFS protocol enabled, or for volumes with
CIFS and FTP/SFTP protocols enabled, but with read-only FTP/SFTP or only occasional
FTP/SFTP writes. Not recommended for mixed protocol support. Produces full NTFS
permissions, as supported on CIFS/SMB. Windows clients obey inheritance rules. NFS and
FTP/SFTP protocols cannot see all NTFS permissions and do not obey all access rules in
NTFS permissions. NFS and FTP/SFTP protocols obey only the POSIX access control list
(ACL) component of inheritance rules.
POSIX Mixed Mode: Default mode for CIFS volumes on Nasuni Filers joined to LDAP.
Recommended for combined CIFS and FTP/SFTP volumes, with light NFS use. Also
recommended for CIFS-only volumes with Linux or Mac clients, with UNIX extensions
enabled. Access control lists (ACLs) are supported entirely through POSIX ACLs. Windows
clients receive mapping of POSIX ACLs to NTFS ACLs. However, the mappings are not as
complete as mappings done for NTFS Compatible Mode. NFS clients cannot view the ACLs.
The NFSv4 protocol automatically translates the underlying ACLs to NFSv4 ACLs. The
common tools for managing POSIX ACLs are not supported on NFSv4. To manage ACLs
using NFSv4, you must use the NFSv4 ACL tools. Not all Nasuni Filers support NFSv4. You
can check whether NFSv4 is supported on the NFS Status page (Nasuni Filers) or the
Exports page (NMC).
Unauthenticated Access Mode: Default mode for CIFS volumes on Nasuni Filers that are
not joined to Active Directory or to LDAP. Recommended for CIFS Public-mode volumes.
Nasuni Management Console Guide 7.9
57
Volumes Page
Volumes page
For CIFS clients, this mode acts as an open share. For all other protocols, this mode acts
identically to POSIX Mixed Mode.
Clicking the permissions policy opens the Volume Protocols page, with the Volume
Protocol Settings dialog box selected. See “Enabling multiple volume protocols” on
page 139.
•
Provider: The name of the cloud provider for the volume.
•
Region: The location of the cloud provider for the volume, if available.
•
Vault (for Cleversafe volumes only): The name of the Cleversafe vault.
•
Encryption Keys: The Name and Enabled setting of the encryption keys for the volume. To
add, disable, or enable encryption keys, click the status. Clicking the status opens the
Volume Encryption Keys page, with the Edit Encryption Keys dialog box selected. For
details, see “Encryption Keys” on page 130.
•
Shares (CIFS only), Exports (NFS only), or Directories (FTP): Total number of CIFS shares,
NFS exports, or FTP/SFTP directories, and number of Nasuni Filers. To add or edit CIFS
shares, NFS exports, or FTP/SFTP directories, click the status. For details, see “Shares” on
page 110, “Exports” on page 91, and “FTP Directories” on page 100.
•
Pinned Folders: Indicates whether any volume folder is pinned in the cache: Yes or No. To
view pinned folders, click the status. For details, see “Pinned Folders” on page 136. To view
unprotected files in the cache, see “Unprotected Files” on page 89.
•
Auto Cached Folders: Indicates whether folders have Auto Cache (automatically bringing
data from other Nasuni Filers into the local cache immediately) enabled. To see folders with
Auto Cache enabled, click the status. For details, see “Enabling Auto Cache for Folders” on
page 83. To enable or disable Auto Cache for a volume, see “Scheduling Syncs” on
page 158.
Note: Auto Cache must be enabled for a volume before Auto Cache is enabled for a
folder in the volume.
•
Quota: The quota (maximum capacity) configuration in GB, or “No Quota” if there is no
quota. To change the quota, click the status. For details, see “Quota” on page 141.
Note: If the licensed capacity is exceeded, you can still store more data temporarily. If
your total stored data nears or exceeds your licensed capacity, you receive warnings
to increase your licensed capacity.
In the Snapshots & Sync area:
Nasuni Management Console Guide 7.9
58
Volumes Page
Volumes page
•
Snapshot Access (Not available for iSCSI volumes.): Indicates whether access to the
snapshot directory for the volume is Enabled or Disabled. To enable or disable snapshot
directory access for a volume, click the status. Clicking the status opens the Volume
Snapshot Directory Access page, with the Edit Snapshot Directory Access dialog box
selected. For details, see “Snapshot Directory Access” on page 150.
•
Snapshot Retention: The snapshot retention policy. To configure a snapshot retention
policy, click the status. Clicking the status opens the Volume Snapshot Retention page,
with the Snapshot Retention dialog box selected. For details, see “Snapshot retention” on
page 152.
•
Snapshot Schedule (Not available for iSCSI volumes.): The schedule for snapshots. If there
is no schedule for snapshots, indicates Disabled. To schedule snapshots, click the status.
Clicking the status opens the Volume Snapshot Schedule page, with the Snapshot
Schedule dialog box selected. For details, see “Snapshot schedule” on page 154.
•
Remote Access (Not available for iSCSI volumes.): The setting of remote access for this
volume: Enabled or Disabled. If Enabled, displays number of connections. To enable or
disable remote access, click the status. Clicking the status opens the Volume Remote
Access Setting page, with the Edit Volume Remote Access Settings dialog box selected.
For details, see “Remote Access” on page 147.
•
•
Number of remote connections.
Sync Schedule (Not available for iSCSI volumes.): The schedule of when the volume
synchronizes data (“syncs”) from Nasuni, merging local data with data from other Nasuni
Filers connected to this volume. If there is no schedule for syncs, indicates Disabled. To
schedule syncs, click the status. For details, see “Sync Schedule” on page 157.
In the Services area (CIFS and NFS volumes and FTP/SFTP directories only):
•
Auditing: Indicates whether file system auditing for the volume is Enabled or Disabled. To
enable or disable file system auditing for a volume, click the status. Clicking the status
opens the Volume Auditing Settings page, with the Edit Volume Auditing Settings dialog
box selected. For details, see “File System Auditing” on page 166.
•
File Alerts: Indicates whether the File Alert Service (automatically notifying you when files or
directories with particular names are written to the Nasuni Filer) is Enabled or Disabled. If
enabled, displays the number of patterns. To enable or disable the File Alert Service, click
the status. Clicking the status opens the Volume File Alert Service page, with the Edit File
Alert Service dialog box selected. For details, see “File Alert Service” on page 172.
•
Antivirus: Indicates whether the Antivirus Service is Enabled or Disabled. To enable or
disable the Antivirus Service, click the status. Clicking the status opens the Volume
Antivirus Service page, with the Edit Antivirus Service dialog box selected. For details,
see “Antivirus Service” on page 161.
•
Antivirus Violations (If Antivirus Service enabled.): Displays the number of violations. To
view the list of Antivirus Violations, click the status. For details, see “Antivirus Violations” on
page 164.
In the iSCSI Details area (iSCSI volumes only):
•
Target Name: The iSCSI Qualified Name of the iSCSI target, in this format:
•
iqn.
Nasuni Management Console Guide 7.9
59
Volumes Page
Volumes page
•
Date that the naming authority took ownership of the domain, in yyyy-mm format.
•
“.” followed by the reversed domain name of the authority, such as com.nasuni.
•
“:” followed by a storage target name specified by the naming authority.
Example: iqn.2008-11.com.nasuni:filer.nasuni.net:51
To change the target name, click the name. For details, see “iSCSI” on page 125“iSCSI” on
page 125.
•
Allowed Hosts: List of hosts allowed to connect to this volume, or Any. To change the
hosts, click the status. For details, see “iSCSI” on page 125“iSCSI” on page 125.
•
CHAP User Name (if any): The Challenge-Handshake Authentication Protocol (CHAP) User
Name that initiators must log in with. To change the CHAP User Name, click the status. For
details, see “iSCSI” on page 125“iSCSI” on page 125.
•
Volume Size: The volume size in GB. To change the volume size, click the value. For details,
see “iSCSI” on page 125“iSCSI” on page 125.
Nasuni Management Console Guide 7.9
60
Volumes Page
Volumes page
Deleting a local volume
You can delete a local volume. Deleting a volume destroys all the volume’s data stored in the cache, as
well as data stored in cloud storage.
Before deleting a volume, complete the following prerequisites:
•
If other Nasuni Filers are connected to the volume, disconnect them from the volume. See
“Connect (and Disconnect) Volume” on page 68 for details about disconnecting from a volume.
•
If the volume is configured for remote access by other Nasuni Filers, disable remote access on
the volume before deleting it. See “Remote Access” on page 147 for details.
•
It is necessary to disconnect from iSCSI volumes before deleting the iSCSI volume.
Note: Deleting a volume reduces the licensed capacity used; however, the background
delete operation can take time to process, depending on the number of files or blocks.
Notifications indicate when the volume deletion is complete.
To delete a local volume, follow these steps:
Caution: You cannot undo this procedure.
1. Click Delete
. The Delete Volume dialog box appears.
Figure 7-9: Delete Volume dialog box.
2. Read any warnings that appear in the Delete Volume dialog box. Ensure that the prerequisites
mentioned above have been satisfied to avoid data loss.
3. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
4. Click Delete Volume to delete the volume.
Alternatively, to exit this screen without deleting the volume, click the Close button.
Nasuni Management Console Guide 7.9
61
Volumes Page
Volumes page
Disconnecting from a remote volume
You can disconnect from a remote volume.
Caution: Disconnecting from a volume deletes any data in the cache. To protect recently
changed data, you can take an on-demand snapshot, then disconnect from the volume.
See “Take Snapshot” on page 62 for details.
Note: For volumes with a CIFS share, an NFS export, or an FTP/SFTP directory, you must
remove the share, export, or directory before you can disconnect from the volume. For details
on deleting a share, see “Deleting shares” on page 124. For details on deleting an export, see
“Deleting exports” on page 99. For details on deleting an FTP/SFTP directory, see “Deleting
FTP directories” on page 109
To disconnect from a remote volume, follow these steps:
1. Click Disconnect
. The Disconnect Volume dialog box appears.
Figure 7-10: Disconnect Volume dialog box.
2. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
3. Click Disconnect Volume to disconnect from the remote volume.
Alternatively, to exit this screen without deleting the volume, click the Close button.
Take Snapshot
Note: To perform consistent point-in-time snapshots of iSCSI volumes on Windows systems,
you can use the Nasuni VSS Hardware Provider. For details, see “API Keys” on page 186.
To take a snapshot of a volume, follow these steps:
1. For the volume that you want to take a snapshot of, click Take Snapshot
.
A snapshot is scheduled for this volume.
Nasuni Management Console Guide 7.9
62
Volumes Page
Volumes page
Cancel Snapshot
After you click the Take Snapshot button, as described above, you can cancel that scheduled
snapshot.
To cancel a snapshot of a volume, click Cancel
.
If the snapshot for this volume can be canceled, the snapshot is canceled. If the snapshot
cannot be canceled, a message appears.
Nasuni Management Console Guide 7.9
63
Volumes Page
Create Volume
Create Volume
You can use the Create Volume page to create a new CIFS, NFS, or iSCSI volume on any managed
Nasuni Filer.
Note: In trial mode, the maximum number of volumes you can have is limited to two.
Note: If you want to upload (import) an encryption key to use with the new volume, you must
upload the encryption key before starting the volume creation process. See “Adding
(importing or uploading) encryption keys to Nasuni Filers” on page 210.
All uploaded encryption keys should be at least 2048 bits long.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
To create a new CIFS, NFS, or iSCSI volume, follow these steps:
1. Click Volumes then click Create Volume from the menu in the left column. The Create Volume
page appears.
Figure 7-11: Create Volume page.
2. From the Target Filer drop-down list, select the managed Nasuni Filer where you want to
create the new volume.
Nasuni Management Console Guide 7.9
64
Volumes Page
Create Volume
3. From the Protocol drop-down list, select a network protocol on your network. This is the
protocol you use to access data on a volume. Your choices are:
•
CIFS (Windows clients): This protocol allows Windows users to share files across a
network. The CIFS protocol is used on other operating systems besides Windows, including
UNIX, Linux, and Mac OS X.
•
NFS (Unix clients): This protocol allows UNIX users to access and share file systems across
a computer network using UNIX and Linux.
•
iSCSI Target: This protocol allows users to access SAN blocks of data across a computer
network using the iSCSI protocol.
Tip: For volumes supporting both Windows and Linux/UNIX clients, select CIFS
(Windows clients) and use a Samba client on Linux/UNIX.
4. In the Volume Properties area, enter a human-readable name for the volume in the Name text
box, for example, “New York Office”. The name you enter is automatically applied as the
encryption key name in the Key Name text box.
Note: For iSCSI volumes, the iSCSI volume name is used to generate the target name.
This includes changing any upper-case letters to lower-case, and changing any nonASCII symbols to their hex code.
5. From the Region drop-down list, specify a region where you want to store your data.
You should store your data in a region that is near to your users and data centers, in order to
reduce data access latencies. The region you select should be remote from your other
operations for geographic redundancy and disaster recovery purposes. You should also
consider any compliance requirements for the location of data.
Note: Your data is protected with multiple copies in whichever region you choose.
6. You can use an existing encryption key or create a new encryption key.
•
To use an existing encryption key, select an encryption key from the Key drop-down list.
•
To create a new encryption key, select Create New Key from the Key drop-down list, then
optionally enter a name for the new encryption key in the Key Name text box.
Note: If you select Create New Key, the new encryption key is automatically
escrowed for you. To use your own encryption key, see “Adding encryption keys to a
volume” on page 131.
Note: You cannot download any Nasuni Filer encryption key from a Nasuni
Management Console, because the Nasuni Filer never transmits any encryption keys
to a Nasuni Management Console. The Nasuni Management Console is never in
possession of any encryption key generated by a Nasuni Filer. In particular, if you use
the Nasuni Management Console to create a volume on a Nasuni Filer, and specify
generating a new encryption key for that volume, that new encryption key is generated
on the Nasuni Filer, not on the Nasuni Management Console. The only way to
download a Nasuni Filer encryption key is by using the Nasuni Filer user interface.
Nasuni Management Console Guide 7.9
65
Volumes Page
Create Volume
7. For CIFS and NFS volumes only, set the maximum volume capacity (in gigabytes or fractions of
a gigabyte, such as 6.8) in the Quota text box. A value of 0 (zero) or blank specifies an unlimited
volume capacity (up to your licensed capacity).
Quotas are applied after each successful snapshot. Nasuni recommends that you only increase
quotas rather than decrease them. A notification occurs when the volume reaches 90 percent of
the quota. Another notification occurs when the volume reaches the quota. If the volume is
shared, then the quota is compared to the sum of all Nasuni Filers connected to the volume.
8. For CIFS and NFS volumes only, to automatically create a CIFS share or an NFS export for the
new volume, leave the Create a default Share/Export check box selected.
9. For iSCSI volumes only, the iSCSI properties area appears:
Figure 7-12: iSCSI properties area.
a. In the Volume Size text box, enter the Volume Size, in GB.
Note: All iSCSI (SAN) volume data is pinned in the cache. Therefore, the Volume Size
of an iSCSI volume is limited by the size of the cache. iSCSI volumes can use up to 75
percent of the cache. The computed limit is displayed.
Note: The Volume Size of an iSCSI volume can be increased, if necessary, but not
decreased.
b. To control which hosts are allowed to connect to this volume, in the Allowed Hosts text box,
enter a comma-separated list of the IP addresses or subnet addresses of the hosts that are
allowed to access this volume. If you leave this field blank, all hosts on your network have
access to this volume without restrictions.
c. To restrict access to this iSCSI volume, in the CHAP User Name text box, enter a ChallengeHandshake Authentication Protocol (CHAP) User Name with which initiators must log in. In
the CHAP Password text box, enter a Challenge-Handshake Authentication Protocol (CHAP)
Password with which initiators must log in. The CHAP Password must be 12-16 characters
long.
10. For CIFS volumes only, from the User Authentication drop-down list, select the method for the
Nasuni Filer to authenticate users connecting to shares within this volume: Authenticated
Access or Publicly Available to All Users.
Note: “Authenticated Access” refers to either Active Directory or LDAP Directory
Services.
Nasuni Management Console Guide 7.9
66
Volumes Page
Create Volume
Note: If the Nasuni Filer is configured for Active Directory authentication, but is not joined
to a domain, a message appears, indicating that the new volume is not usable until the
Nasuni Filer joins a domain, at which time you can choose Active Directory, LDAP
Directory Services, or Publicly Available for authentication. You cannot enable both Active
Directory and LDAP Directory Services for a Nasuni Filer.
Note: It is not possible to change the authentication mode of a volume after you create
the volume.
11. Click Create Volume.
The new volume appears in the list of volumes on the Volumes page.
To add a share to a new CIFS volume, see “Creating shares” on page 111.
To add an export to a new NFS volume, see “Creating exports” on page 92.
To add an FTP/SFTP directory to a new CIFS or NFS volume, see “Creating FTP directories” on
page 102.
Nasuni Management Console Guide 7.9
67
Volumes Page
Connect (and Disconnect) Volume
Connect (and Disconnect) Volume
Remote access allows one or more Nasuni Filers to connect, using Nasuni, to a volume associated with
another Nasuni Filer. After you enable remote access for a volume, and grant access permissions to the
volume, you can connect a Nasuni Filer to the remote volume. You can also disconnect an existing
connection. To enable remote access and grant permissions on a volume, see “Remote Access” on
page 147.
Tip: If the attempt to connect with a remote volume fails, try connecting again.
Note: If you connect to a remote volume that has multiple protocols defined (including CIFS,
NFS, and FTP), the volume inherits the same protocols as the original volume. If the protocols
for the remote volume change, the volume inherits the changed protocols. This might take
some time. You can refresh the volume connections in order to inherit the changed protocols
immediately. The Nasuni Filer must be running version 6.0 or later software in order to
connect to a remote volume that has multiple protocols defined.
To connect to or disconnect from a remote volume, follow these steps:
1. Click Volumes, then click Connect Volume in the left-hand column. The Remotely Accessible
Volumes page displays a list of remotely accessible volumes on the managed Nasuni Filers.
Figure 7-13: Remotely Accessible Volumes page.
The following information appears for each remotely accessible volume in the list:
•
Name: The name of the remotely accessible volume.
•
Owner: The name of the Nasuni Filer where this remotely accessible volume is located.
•
Protocol: The protocol of the remotely accessible volume: CIFS, NFS, or FTP.
•
Security Mode (CIFS volumes only): The security mode of the CIFS volume: Active
Directory, LDAP Directory Services, Publicly Available, or Unknown.
•
Connected: A list of Nasuni Filers already connected to the remotely accessible volume.
•
Actions: Actions available for each remotely accessible volume.
2. To refresh the information about the list of remotely accessible volumes, click Refresh
Connections.
Nasuni Management Console Guide 7.9
68
Volumes Page
Connect (and Disconnect) Volume
3. For the remotely accessible volume whose connections you want to change, click Edit
Connections. The Connect/Disconnect Volume dialog box appears.
Figure 7-14: Connect/Disconnect Volume dialog box.
A list of managed Nasuni Filers appears.
Tip: Shared volumes on Nasuni Filers running version 5.5 or later are not available to
Nasuni Filers running versions before version 5.5. To see shared volumes on Nasuni Filers
running version 5.5 or later, update the software to version 5.5 or later.
a. To connect a currently disconnected managed Nasuni Filer to the selected remotely
accessible volume, select the check box next to the managed Nasuni Filer.
Then, from the Storage Access drop-down list, select one of the following choices:
•
Inherit storage access points: If the remotely accessible volume has shares or exports,
inherit those same shares or exports in the new volume.
•
Create storage access points: To automatically create a new CIFS share or an NFS
export for the new volume.
•
Skip creating storage access points: To postpone creating a new share or export for
the new volume. To later add a share to the new CIFS volume, see “Creating shares” on
page 111. To later add an export to the new NFS volume, see “Creating exports” on
page 92.
Note: To connect to a remote CIFS volume, the Nasuni Filer and the remote CIFS
volume must be in the same Active Directory or LDAP Directory Services group.
Nasuni Management Console Guide 7.9
69
Volumes Page
Connect (and Disconnect) Volume
b. To disconnect a currently connected managed Nasuni Filer from the selected remotely
accessible volume, clear the check box next to the managed Nasuni Filer.
Caution: Disconnecting a Nasuni Filer from a remotely accessible volume causes
all shares and exports of the remotely accessible volume to be deleted from the
Nasuni Filer.
c. In the Inherit Settings area, select or deselect the settings that you want to inherit from the
remotely accessible volume.
d. Click Save Connections to save the changes you made to connections to remotely
accessible volumes.
The new information appears in the list of remotely accessible volumes on the Remotely
Accessible Volumes page.
Nasuni Management Console Guide 7.9
70
Volumes Page
File System Browser
File System Browser
You can use the file system browser to perform a variety of tasks:
•
Browse folders and files in volumes on Nasuni Filers.
•
Search for folders and files by name.
•
Filter results by date.
•
Examine multiple versions of folders and files.
•
Download folders and files.
•
Bring volumes, folders, and files into the cache of the Nasuni Filer.
•
Enable Global File Locking for volumes.
•
Pin folders in the cache.
•
Enable Auto Cache for folders.
•
Create quotas for volumes and folders.
•
Restore a file or folder (for a CIFS or NFS volume or FTP/SFTP directory) or an entire volume (for
an iSCSI volume). You can do this, for example, if data has been deleted erroneously. For
details on restoring data in the event of a disaster, see Chapter 12, “Disaster Recovery,” on
page 369.
Note: Since the Nasuni Management Console does not access data directly, but through
each Nasuni Filer, accessing data or information might take time.
In order to access folders and files, ensure that you have performed these necessary tasks:
•
Have configured at least one volume. For more information, see “Create Volume” on page 64.
•
For CIFS and NFS volumes or FTP/SFTP directories, have shared or exported at least one
volume. For more information, see “Creating shares” on page 111 and “Creating exports” on
page 92.
•
(Optional) Have configured a snapshot schedule to ensure that reliable, periodic snapshots of
the volume are taken. For more information, see “Editing snapshot schedules” on page 156.
Nasuni Management Console Guide 7.9
71
Volumes Page
File System Browser
Selecting Volume, Folder, or Files
You can select a volume, a folder, or one or more files. You can select by browsing or by searching.
Note: Nasuni Filers before version 6.3 display dates and times in UTC. Otherwise, Nasuni
Filers display dates and times for the current time zone.
Browsing a Volume
Browse
To browse folders and files in a volume, follow these steps:
1. Click File Browser. The File System Browser page appears.
Figure 7-15: File System Browser page.
2. From the Volume drop-down list, select a volume name.
Figure 7-16: Volume drop-down list.
The properties of the selected volume are displayed.
Figure 7-17: Volume properties.
Nasuni Management Console Guide 7.9
72
Volumes Page
File System Browser
The volume properties include:
•
Volume: The name of the volume and Nasuni Filer.
•
Content Size: The size of the volume and its contents.
•
Ownership: The owner of the volume.
•
Cache Resident: (CIFS and NFS volumes and FTP/SFTP directories.) Indicates whether the
volume is currently in the cache of the Nasuni Filer (Yes) or not (No). To view unprotected
files in the cache, see “Unprotected Files” on page 89.
Note: iSCSI volumes are always resident in the cache of their Nasuni Filer.
•
Pinning: (For folders, including volumes.) Indicates whether the folder (including volumes) is
pinned in the cache (Enabled). To enable pinning for a folder (including volumes), see
“Pinning Folders in the Cache” on page 81. To view unprotected files in the cache, see
“Unprotected Files” on page 89.
•
Global Locking: (For folders, including volumes.) Indicates whether Global Locking is
enabled for the volume (Enabled). To enable Global Locking for a volume, see “Global
Locking” on page 84.
•
Auto Cache: (For folders, including volumes.) Indicates whether Auto Cache (automatically
bringing data from other Nasuni Filers into the local cache immediately) is enabled for the
folder (including volumes). To enable Auto Cache for a folder (including volumes), see
“Enabling Auto Cache for Folders” on page 83.
Nasuni Management Console Guide 7.9
73
Volumes Page
File System Browser
3. From the Filer drop-down list, select a Nasuni Filer for the selected volume.
Figure 7-18: Filer drop-down list.
The files and folders that reside on the selected volume on the selected Nasuni Filer are
displayed.
Figure 7-19: Files and folders on the volume.
Note: You cannot browse files and folders on an iSCSI volume.
4. From the list of files and folders you can select the following:
•
One folder: select the folder you want. The selected folder is highlighted in the list.
The properties of the selected folder are displayed.
Figure 7-20: Folder properties.
The folder properties include:
•
Location: The path to the folder.
•
Content Size: The size of the folder and its contents.
•
Ownership: The owner of the folder.
•
Cache Resident: (CIFS and NFS volumes and FTP/SFTP directories.) Indicates whether
the folder is currently in the cache of the Nasuni Filer (Yes) or not (No). To view
unprotected files in the cache, see “Unprotected Files” on page 89.
Nasuni Management Console Guide 7.9
74
Volumes Page
•
File System Browser
•
Pinning: (For folders.) Indicates whether the folder is pinned in the cache (Enabled). To
enable pinning for a folder, see “Pinning Folders in the Cache” on page 81. To view
unprotected files in the cache, see “Unprotected Files” on page 89.
•
Auto Cache: (For folders.) Indicates whether Auto Cache (automatically bringing data
from other Nasuni Filers into the local cache immediately) is enabled for the folder. To
enable Auto Cache for a folder, see “Enabling Auto Cache for Folders” on page 83.
•
Global Locking: (For folders.) Indicates whether Global Locking is enabled for the
volume (“Enabled (inherited)”). To enable Global Locking for a volume, see “Global
Locking” on page 84.
One file: select the file you want. The selected file is highlighted in the list.
The properties of the selected file are displayed.
Figure 7-21: File properties.
The file properties include:
•
Location: The path to the file.
•
Size: The size of the file.
•
Ownership: The owner of the file.
•
Cache Resident: (CIFS and NFS volumes and FTP/SFTP directories.) Indicates whether
the file is currently in the cache of the Nasuni Filer (Yes) or not (No). To view unprotected
files in the cache, see “Unprotected Files” on page 89.
•
Lock Status: If Global Locking is enabled for the volume, indicates whether the file is
Locked or Unlocked. To enable Global Locking for a volume, see “Global Locking” on
page 84. If locked by multiple Nasuni Filers, a list appears.
Figure 7-22: Locked by multiple Nasuni Filers.
You can now perform actions with the selected folder or file, as described in “Actions with Selected
Volume, Folder, or Files” on page 80.
You can also filter the current results by date, as described in “Filtering by Date” on page 76.
Nasuni Management Console Guide 7.9
75
Volumes Page
File System Browser
Filtering by Date
By default, the current contents of the volume are displayed. To select contents from another date and
time from available snapshots, follow these steps:
1. Navigate to a volume as described in “Browsing a Volume” on page 72.
2. Click the Version drop-down list. A calendar of available dates appears. Select the date, then
select the snapshot on that date. The folders and files from that snapshot appear.
Note: Some dates in the range of available dates do not have snapshots. When you click
a date with no snapshots, the message “There are no snapshots for the selected date.”
appears.
Folders and files from snapshots display the date and time of the version in addition to their
other properties.
3. Select a folder or file from the list. To select multiple individual items from snapshots, use
Ctrl+click. To select a range of items from snapshots, use Shift+click.
4. To select the current version of folders and files, click the Version drop-down list and select
Current Version.
You can now perform actions with the selected folder or files, as described in “Actions with
Selected Volume, Folder, or Files” on page 80.
Nasuni Management Console Guide 7.9
76
Volumes Page
File System Browser
Searching for a Folder or File by Name and Date
Search
In addition to browsing for folders and files, you can also search for a specific folder or file by name
within a snapshot, and then select it for further actions.
Caution: In most cases, snapshots are not in the cache of the Nasuni Filer, and must be
brought into the local cache of the Nasuni Filer to be searched. As a result, snapshot
searches can impact performance. Searching a large number of snapshots proceeds
better by using a Nasuni Filer that users are not using heavily at the same time.
Note: iSCSI volumes do not contain folders or files, so you cannot search them.
To search for a folder or file by name in a snapshot, follow these steps:
1. Navigate to a volume as described in “Browsing a Volume” on page 72. If you intend to restrict
the search to a specific directory, navigate to that directory.
2. Click Search
. The Search Versions dialog box appears.
Figure 7-23: Search Versions dialog box.
3. The default is to search all directories. To limit the search to the currently selected directory (and
any subdirectories), select Search the Current Directory. Limiting the search can save time.
4. The default is to search all versions. To specify search dates, click the Date Range box. The
Date Range list appears.
Figure 7-24: Date Range list.
Nasuni Management Console Guide 7.9
77
Volumes Page
File System Browser
5. From the list, select one of these options for the search date:
•
All Versions: Searches all snapshots regardless of date. This is the default.
Caution: Searching all snapshots can take a long time and add extra load to your
Nasuni Filer.
•
Last 7 Days (if available): Searches only snapshots from the past 7 days, if there are any
available.
Caution: Searching large numbers of snapshots can take a long time and add
extra load to your Nasuni Filer.
•
Last 30 Days (if available): Searches only snapshots from the past 30 days, if there are any
available.
Caution: Searching large numbers of snapshots can take a long time and add
extra load to your Nasuni Filer.
•
Custom Range: Opens the Custom Range pane for you to select a start date and an end
date within which to search snapshots.
Figure 7-25: Custom Range pane.
Navigate to the start date and the end date during which to search snapshots.
Caution: Searching large numbers of snapshots can take a long time and add
extra load to your Nasuni Filer.
Nasuni Management Console Guide 7.9
78
Volumes Page
File System Browser
6. Enter all or part of the name of the folder or file to search for in the Query text box.
Note: You can use glob syntax wildcards when you specify the name, such as the
following:
Wildcard
Meaning
Example
*
Matches any number of
any character.
*.mp3
means any file name that ends with “mp3”.
?
Matches any one
character.
test.mp?
means file names like “test.mp3” or “test.mp4”.
[sequence]
Matches any character
in the specified
sequence.
[A-Z]*.mp3
means file names that start with an upper-case
letter.
[!sequence]
Matches any character
NOT in the specified
sequence.
[!A-Z]*.mp3
means file names that do not start with an uppercase letter.
The search matches the query text within a folder or file name. For example, searching for
“mount” finds items named “Mount”, “mounted”, “unmounted”, and “unmount”. The search
is not case-sensitive.
Optionally, you can specify searching for the exact name of the file (including the filename
extension) or folder by selecting the Exact Match check box. In this case, searching for
“mount” only finds items named “mount”. This search is also not case-sensitive.
7. Click Search. The Search Status results appear.
Figure 7-26: Search Status results.
To cancel a running search before it completes, click Stop Search.
8. After the search completes, click a folder or file to highlight it.
9. Click Navigate to Selected to navigate to the selected item.
The folder or file you searched for is selected.
You can now perform actions with the selected folder or file, as described in “Actions with Selected
Volume, Folder, or Files” on page 80.
Nasuni Management Console Guide 7.9
79
Volumes Page
File System Browser
Actions with Selected Volume, Folder, or Files
After selecting a volume, folder or files, as described in “Selecting Volume, Folder, or Files” on page 72,
you can perform the following actions:
•
Bring volume, folder, or files into the cache of the Nasuni Filer.
•
Pin folders in the cache.
•
Enable Global File Locking for volumes.
•
Enable Auto Cache for folders.
•
Create quotas for folders.
•
Download folders and files.
•
Restore a file or folder (for a CIFS or NFS volume or FTP/SFTP directory) or an entire volume (for
an iSCSI volume).
Bringing Data into Cache of the Nasuni Filer
When a volume, folder, or file is selected that is not already in the cache of the Nasuni Filer, you can
bring that item into the cache.
Note: If the selected data is not already present in the Nasuni Filer’s cache, selecting Bring
into Cache begins the process of copying the selected data into the cache of the Nasuni
Filer. This process continues running in the background until all the selected data is copied
into the cache of the Nasuni Filer. If the size of the selected data exceeds the available space
in the cache of the Nasuni Filer, then the Nasuni Filer releases already-protected data from
the cache to make room for the incoming data. This process affects network bandwidth until
it has completed. If the user requests any of the selected data while this process is running,
the requested data is copied into the cache of the Nasuni Filer immediately.
To view unprotected files in the cache, see “Unprotected Files” on page 89.
To bring data into the cache of the Nasuni Filer, follow these steps:
1. Select a volume, folder or file as described in “Selecting Volume, Folder, or Files” on page 72.
Nasuni Management Console Guide 7.9
80
Volumes Page
File System Browser
2. Click Bring into Cache. The Bring Into Cache dialog box appears. The dialog box is slightly
different with volumes, folders, and files.
Figure 7-27: Bring Volume Into Cache dialog box.
a. Information about the volume, folder or file is displayed, as well as the amount of space
currently available in the cache of the Nasuni Filer.
b. (For volume or folder only) To bring only the metadata of the volume or folder into the cache
of the Nasuni Filer, but not the data itself, select the Bring Metadata Only check box.
c. Click Start Transfer.
This begins the process of copying data and metadata into the local cache of the Nasuni Filer.
When the process is complete, a notification indicates that the process is complete and, if
configured, an email indicates that the process is complete.
Pinning Folders in the Cache
Pin folder
Pinning a folder specifies that the folder and its contents must remain in the local cache at all times.
This can improve performance and reduce the time necessary to return accessed data to clients.
Warning: Enabling this feature means that the entire folder, and all the folder’s contents,
remain resident in the cache at all times. This reduces the available cache by the size of
the folder. If the amount of data pinned in the cache exceeds the size of the cache, you
cannot access data that is not in the cache. If this occurs, an Alert notification is given.
Note: Pinning a folder does not bring the folder’s data into the cache. If the folder’s data is
not already present in the cache, you must specifically bring that data to the cache. To check
on whether data is resident in the cache, see “Browsing a Volume” on page 72. To bring data
to the cache, see “Bringing Data into Cache of the Nasuni Filer” on page 80.
Note: All iSCSI (SAN) volume data is already pinned in the cache, so it is not necessary to pin
iSCSI volumes.
To view pinned folders, or disable pinning for a folder, see “Pinned Folders” on page 136.
To view unprotected files in the cache, see “Unprotected Files” on page 89.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Nasuni Management Console Guide 7.9
81
Volumes Page
File System Browser
To pin a folder in the cache, follow these steps:
1. Select a volume, folder or file as described in “Selecting Volume, Folder, or Files” on page 72.
2. Click Edit Cache Settings. The Folder Cache Settings dialog box appears.
Figure 7-28: Folder Cache Settings dialog box.
3. Select Enable Pinning.
4. Click Save Settings. Your changes are saved.
Otherwise, to close the dialog box without saving changes, click Close.
Nasuni Management Console Guide 7.9
82
Volumes Page
File System Browser
Enabling Auto Cache for Folders
Enable
If you enable the “Auto Cache” option for a folder, new data in that folder is brought into the local cache
immediately from other Nasuni Filers that are attached to this volume. Otherwise, new data is brought
into the local cache from other Nasuni Filers when that data is accessed next.
Tip: Because Auto Cache is not enabled by default, new data in the folder comes into the
local cache only when requested. If you plan on enabling Auto Cache, ensure that all of the
following apply to your deployment:
•
All the Nasuni Filers on which you plan to enable Auto Cache have caches large enough to
contain data from the other Nasuni Filers.
•
All the data in the folder is relevant and appropriate for all other sites that access the folder.
•
Network access at each site is not adversely affected by automatically moving large
quantities of data.
Auto Cache should not be used during the initial transfer of data into a Nasuni Filer or during
certain one-time operations, such as a bulk data load.
Note: Before enabling Auto Cache for a folder, the folder’s volume must have Remote
Access enabled and Auto Cache enabled. For details, see “Editing remote access settings”
on page 148 and “Scheduling Syncs” on page 158.
Note: Auto Cache is only available for shared or remote volumes.
Note: You can also enable Auto Cache for volumes. See “Scheduling Syncs” on page 158.
Note: If Auto Cache is enabled and you disable Auto Cache, any process bringing data into
the cache continues until complete.
Note: You can also disable Auto Cache for a folder using the Auto Cached Folders page. See
“Disabling Auto Cache” on page 129.
To enable Auto Cache for a folder, follow these steps:
1. Select a volume, folder or file as described in “Selecting Volume, Folder, or Files” on page 72.
2. Click Edit Cache Settings. The Folder Cache Settings dialog box appears.
Figure 7-29: Folder Cache Settings dialog box.
3. Select Enable Auto Cache.
Nasuni Management Console Guide 7.9
83
Volumes Page
File System Browser
4. Click Save Settings. Your changes are saved.
Otherwise, to close the dialog box without saving changes, click Close.
Global Locking
Lock
The purpose of the Global Locking feature is to prevent conflicts when two or more users attempt to
change the same file on different Nasuni Filers. If you enable the Global Locking feature for a directory
and its descendants, any files in that directory or its descendants can only be changed by one user at a
time. Any other users cannot change the same file at the same time.
Typically, when User X opens a file to change it, the application locks the file, preventing access by
User Y. Applications and platforms differ on specific behavior. User Y might receive the option of
opening a Read-Only copy of the file, opening a copy of the file with a different name, or receiving a
notice when User X closes the file. When User X does close the file, User Y can then access the file.
Tip: Enabling Global Locking can have an impact on performance, depending on factors that
include network congestion, user load, and file sizes. If users do not typically collaborate on
the same file at the same time, it is unnecessary to enable Global Locking.
Note: The Nasuni Filer supports the use of byte-range locking for applications that benefit
from this feature. However, because of the impact on performance, byte-range locking is
disabled by default. If your applications require byte-range locking, contact Nasuni Technical
Support to enable byte-range locking.
You can also manually break the locking of a file. This might become necessary if a user leaves a file
open and another user needs to open that file.
Warning: If you manually break the locking of a file, this might result in conflicts for the
file.
Note: If a user continues using a file after the lock is manually broken, the file might become
locked again.
Enabling Global Locking
To enable Global Locking for a folder (which can be a volume) and its descendants, follow these steps:
1. Select a folder as described in “Selecting Volume, Folder, or Files” on page 72.
2. Click Edit Global Locking Settings. The Global Locking Setting dialog box appears.
Figure 7-30: Global Locking Setting dialog box.
3. Select Enable Global Locking.
Nasuni Management Console Guide 7.9
84
Volumes Page
File System Browser
4. From the Locking Mode drop-down list, select one of the following locking modes:
•
Optimized: Recommended for most applications that don’t rely heavily on shared access
modes. Optimized locking gives the best performance, but lower protocol compatibility.
Note: NFS volumes only support Optimized mode locking.
•
Advanced: Recommended for applications that rely on shared access modes. Advanced
locking provides the highest global locking compatibility, but might impact performance.
Note: If Advanced locking is set on a directory, then any sub-directories that inherit the
Advanced setting do not have the option to “Edit Global Locking Settings”.
5. Click Save Settings. Your changes are saved.
Otherwise, to close the dialog box without saving changes, click Close.
Breaking Global Locking
To break Global Locking for a file, follow these steps:
1. Select the file as described in “Selecting Volume, Folder, or Files” on page 72.
2. Click Break Global Lock. The Break Global Lock dialog box appears.
Figure 7-31: Break Global Lock dialog box.
3. Click Break Lock. The lock for the file is released, allowing other users to open the file.
Otherwise, to close the dialog box without making changes, click Close.
Setting Quota or Rule
Edit
You can set a quota on the contents of a volume or a folder. You can configure quota reports to be sent
to administrators or users when volumes or folders approach or exceed their quota.
To set a volume or folder quota, follow these steps:
1. Select a volume or folder as described in “Selecting Volume, Folder, or Files” on page 72.
Nasuni Management Console Guide 7.9
85
Volumes Page
File System Browser
2. Click Set Quota or Rule. The Set Quota or Rule dialog box appears.
Figure 7-32: Set Quota or Rule dialog box.
3. From the Quota Type drop-down list, select one of the following choices:
•
Rule: Applies the specified Limit to any newly created subdirectories of the selected volume
or folder. To apply the specified Limit to existing subdirectories, see step 6 on page 86
below.
Important: Quotas cannot be nested. Quotas cannot be created anywhere in a
directory tree that already has a quota set in one of the parents. Quotas also cannot
be created on any parent directory when any of the subdirectories has a quota
already.
•
Quota: Applies the specified Limit only to the selected volume or folder.
4. (Optional) To receive reports when the selected volume or folder is near or over its Limit, in the
Email text box, enter an email address.
Tip: If User Folders Support is enabled for the CIFS share that the directory is in, then the
email address of the directory owner is used automatically. This prevents the necessity of
manually entering hundreds of email addresses for multi-user systems. See step 18 on
page 117. However, if the email address is entered here, the entered email address
overrides looking up an email address from Directory Services.
5. In the Limit text box, enter or select the quota limit (in gigabytes or fractions of a gigabyte, such
as 6.8). The content size of uncompressed data is displayed to help you decide on a quota limit.
6. For the Rule quota type, to apply the same Limit to the data in any existing sub-directories of
the selected directory, select the Apply to existing sub-directories check box.
7. Click Save Quota to save your changes. Otherwise, click Cancel.
The quota is enabled as configured.
Nasuni Management Console Guide 7.9
86
Volumes Page
File System Browser
Downloading Files
You can download one or more files to your local computer.
Tip: For large files, Nasuni recommends downloading the file directly from the specific
Nasuni Filer, rather than from the NMC.
Tip: Although users with “Perform File Restores/Access Versions” permission have the ability
to access all files on the file server, the Download File button is not available.
To download one or more files, follow these steps:
1. Select one or more files as described in “Selecting Volume, Folder, or Files” on page 72.
2. Click Download File.
Downloading features depend on your Web browser. If the file is of a type that your Web
browser recognizes (such as a PDF file), the file might download and display directly in the
browser.
If the Web browser cannot directly display the file, navigate to a location where the file should
be saved.
The selected files are downloaded to your local computer.
Restoring Files or a Folder from a Snapshot
You can restore a stored version of files or a folder from a snapshot. You might do this if a file or folder
was erroneously destroyed or corrupted, or if you need a previous version. You can restore the files or
folder to its original location, or to another location.
To restore files or a folder from a snapshot, follow these steps:
1. Select files or a folder in a snapshot as described in “Selecting Volume, Folder, or Files” on
page 72.
Tip: You can tell that you have selected files or a folder in a snapshot if the Version displays a
date and not “Current Version.”
2. Click Restore Folder or Restore File. The Restore Folder or Restore File dialog box appears
Figure 7-33: Restore Folder dialog box.
3. Verify the selection in the Selection text box.
Nasuni Management Console Guide 7.9
87
Volumes Page
File System Browser
4. By default, the file or folder is restored to its original location. To restore the file or folder to
another path, click in the Destination box and navigate to the alternative path.
Caution: If the file or folder is restored to its original location, it replaces the file or
folder of the same name (if any) in that original location.
5. To back up existing files before proceeding, select the Back Up Existing check box. If any files
that you selected to restore also exist in your volume, they are copied and retained. Backup files
are created with the preface “backupxxxx.” For example, “backup0001.Sales.doc”.
If Back Up Existing is not selected, the restore overwrites any files with the same name.
6. To restore the selected files or folder to your system, click Restore File or Restore Folder. The
Restore in Progress pane appears.
Figure 7-34: Restore in Progress pane.
This pane includes the following:
•
The number of folders processed.
•
The number of files processed.
Note: Files and folders in the snapshots are not deleted or changed during the restore.
The restored files or folder appear in the specified folder.
Nasuni Management Console Guide 7.9
88
Volumes Page
Unprotected Files
Unprotected Files
You can view the current unprotected files in the cache for a volume. You can filter by file name, path,
size, and owner. A file is protected if a copy of the file has been saved to cloud storage.
Viewing unprotected files
To view files in the cache of a volume, follow these steps:
1. Click Volumes, then select Unprotected Files. The Unprotected Files page appears.
2. From the Filer drop-down list, select the Nasuni Filer whose volume you want to view. From the
Volume drop-down list, select the volume whose cache you want to view. A list of files currently
in the cache appears.
Figure 7-35: Unprotected Files page.
The following information appears for each unprotected file:
•
Path: The path in the volume to the file in the cache.
•
Unprotected Bytes: The size of each unprotected file.
•
Owner: The owner of the unprotected file.
•
Access Time: The date and time of the most recent access of the unprotected file.
3. Using the Filter text box, you can limit the display to items that match the criteria that you enter.
See “Filtering Displays” on page 394 for details.
Note: You cannot filter using any part of the path except the file name.
On this screen, the following field names are available:
•
Path: Matches values in the file name of the Path field.
•
Size: Matches values in the Unprotected Bytes field.
•
Owner: Matches values in the Owner field.
Nasuni Management Console Guide 7.9
89
Volumes Page
•
Unprotected Files
Name: Matches values in the file name in the Path field.
Note: If there are many files, it might take a little time to display the filtered results.
4. To move to the next page of unprotected files (if any), click the right arrow at the top of the
page.
5. To move to the previous page of unprotected files (if any), click the left arrow at the top of the
page.
6. To download a list of unprotected files as a CSV file, click Download CSV.
Nasuni Management Console Guide 7.9
90
Volumes Page
Exports
Exports
You can create, view, edit, and delete NFS exports from NFS volumes. NFSv3 is supported. Not all
Nasuni Filers support NFSv4. NFSv4 encrypted connections are supported. Supported protocols
appear on the Exports page.
Viewing exports
To view NFS exports from NFS volumes, follow these steps:
1. Click Volumes, then click Exports in the left-hand column. The Exports page displays a list of
exports from NFS volumes on managed Nasuni Filers.
Figure 7-36: Exports page.
The following information appears for each NFS export in the list:
•
Volume: The NFS volume of the NFS export.
•
Filer: The name of the Nasuni Filer with volumes that have NFS exports.
•
Export Name: The name of the NFS export.
•
Descriptive comment for the NFS export.
•
Path: The path to the NFS export.
•
Actions: Actions available for each NFS export.
•
Protocols: The supported versions of the NFS protocol.
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
volume: Matches values in the Volume field.
•
filer: Matches values in the Filer field.
•
name: Matches values in the Export Name field.
•
path: Matches values in the Path field.
On this screen, the following conditions are available:
•
readonly: Matches whether read-only access is enabled.
Nasuni Management Console Guide 7.9
91
Volumes Page
Exports
Creating exports
Tip: You can only add NFS exports to a volume that has the NFS protocol enabled. To create
an NFS volume, see “Create Volume” on page 64. To enable the NFS protocol for a volume,
see “Protocols” on page 137.
To create a new NFS export, follow these steps:
1. On the Exports page, click Create Export. The Create Export page appears.
Figure 7-37: Create Export page.
a. From the Filer drop-down list, select the Nasuni Filer where you want to create the new NFS
export.
b. From the Volume drop-down list, select the NFS volume on the selected Nasuni Filer where
you want to create the new NFS export.
c. Click the Path text box and navigate to the directory you want to export.
d. In the Name text box, enter a name for this export.
e. Optionally, enter a descriptive comment in the Comment text box.
Nasuni Management Console Guide 7.9
92
Volumes Page
f.
Exports
In the Allowed Hosts text box, enter the hostname, or IP address with optional netmask, of
the host that is allowed to access the export folder on your network. If you leave this field
blank, all hosts on your network have access to the export without restrictions. Only a single
entry is allowed, however, the hostname can contain the * character as a wildcard.
g. From the Access Mode drop-down list, select an access mode. Your choices are:
•
Normal Users Permitted (root_squash): All users who have User IDs (UIDs) greater
than zero can map to the NFS export. (Typically, users with a UID of zero (root user) are
forcibly mapped to the anonymous NFS UID.) This is the same as “root_squash” on
UNIX systems: it reduces the access rights for a remote superuser (root).
•
All Users Permitted (no_root_squash): All users can map to the NFS export with their
normal UID. This is the same as “no_root_squash” on UNIX systems: it allows remote
root users to have root access.
•
Anonymize All Users (all_squash): All users are forcibly mapped to the anonymous
NFS UID. This is the same as “all_squash” on UNIX systems: it converts all users to the
anonymous UID and GID.
h. If you want the export folder to be read-only for users on the network, select the Read Only
check box. This means that users can access the export, but only have read-only rights and
therefore cannot make changes to any of the files in the exported folder.
i.
From the Performance Tuning drop-down list, select the type of Performance Tuning. The
choices include the following:
•
Default (sync): Replies to each NFS request only after all data has been stored to disk.
This is safer than async, but there is a delay between the store and the reply.
•
No Write Delay (no_wdelay / sync): If NFS deduces a likelihood of a related storage
request arriving soon, then NFS’s optimization algorithm delays storage. This saves disk
writes and can speed performance. However, if NFS deduces incorrectly, this behavior
causes a delay in every request. The no_wdelay option eliminates the delay.
•
Asynchronous Replies (async): Replies to requests before the data is stored to disk.
This improves performance, but results in lost data if the server goes down.
2. To accept your selections, click Create Export.
The export is created and appears in the list of exports. The export is available to clients under
/exports/<Directory name> and exposes the directory within the volume.
Nasuni Management Console Guide 7.9
93
Volumes Page
Exports
Editing exports
To edit the selected export, follow these steps:
1. On the Exports page, click Edit
. The Edit Export dialog box appears. F
Figure 7-38: Edit Export dialog box.
a. Optionally, enter a descriptive comment in the Comment text box.
b. In the Allowed Hosts text box, enter the hostname, or IP address with optional netmask, of
the host that is allowed to access the export folder on your network. If you leave this field
blank, all hosts on your network have access to the export without restrictions. Only a single
entry is allowed, however, the hostname can contain the * character as a wildcard.
c. From the Access Mode drop-down list, select an access mode. Your choices are:
•
Normal Users Permitted (root_squash): All users who have User IDs (UIDs) greater
than zero can map to the NFS export. (Typically, users with a UID of zero (root user) are
forcibly mapped to the anonymous NFS UID.) This is the same as “root_squash” on
UNIX systems: it reduces the access rights for a remote superuser (root).
•
All Users Permitted (no_root_squash): All users can map to the NFS export with their
normal UID. This is the same as “no_root_squash” on UNIX systems: it allows remote
root users to have root access.
Nasuni Management Console Guide 7.9
94
Volumes Page
•
Exports
Anonymize All Users (all_squash): All users are forcibly mapped to the anonymous
NFS UID. This is the same as “all_squash” on UNIX systems: it converts all users to the
anonymous UID and GID.
d. If you want the export folder to be read-only for users on the network, select the Read Only
check box. This means that users can access the export, but only have read-only rights and
therefore cannot make changes to any of the files in the exported folder.
e. From the Performance Tuning drop-down list, select the type of Performance Tuning. The
choices include the following:
•
Default (sync): Replies to each NFS request only after all data has been stored to disk.
This is safer than async, but there is a delay between the store and the reply.
•
No Write Delay (no_wdelay / sync): If NFS deduces a likelihood of a related storage
request arriving soon, then NFS’s optimization algorithm delays storage. This saves disk
writes and can speed performance. However, if NFS deduces incorrectly, this behavior
causes a delay in every request. The no_wdelay option eliminates the delay.
•
Asynchronous Replies (async): Replies to requests before the data is stored to disk.
This improves performance, but results in lost data if the server goes down.
2. To accept your selections, click Update Export.
The export is changed and appears in the list of exports.
Alternatively, to exit this screen without changing the export, click the Close button.
Editing host options for exports
You can have multiple hosts for an export, each with different host options, including allowed hosts,
access mode, read only, and performance tuning.
To edit the selected export, follow these steps:
1. On the Exports page, click Edit Host Options
. The NFS Host Options dialog box appears.
Figure 7-39: NFS Host Options dialog box.
The following information appears for each NFS export in the list:
•
Host Specification: The hostname, or IP address with optional netmask, allowed to access
the NFS export.
Nasuni Management Console Guide 7.9
95
Volumes Page
Exports
•
Read Only: Indication of whether the files and directories on the exported folder are readonly (Yes) or not (No).
•
Access Mode: The access mode, of the following:
•
•
•
Normal Users Permitted (root_squash): All users who have User IDs (UIDs) greater
than zero can map to the NFS export. (Typically, users with a UID of zero (root user) are
forcibly mapped to the anonymous NFS UID.) This is the same as “root_squash” on
UNIX systems: it reduces the access rights for a remote superuser (root).
•
All Users Permitted (no_root_squash): All users can map to the NFS export with their
normal UID. This is the same as “no_root_squash” on UNIX systems: it allows remote
root users to have root access.
•
Anonymize All Users (all_squash): All users are forcibly mapped to the anonymous
NFS UID. This is the same as “all_squash” on UNIX systems: it converts all users to the
anonymous UID and GID.
Performance Mode: The type of Performance Tuning, including the following:
•
Default (sync): Replies to each NFS request only after all data has been stored to disk.
This is safer than async, but there is a delay between the store and the reply.
•
No Write Delay (no_wdelay / sync): If NFS deduces a likelihood of a related storage
request arriving soon, then NFS’s optimization algorithm delays storage. This saves disk
writes and can speed performance. However, if NFS deduces incorrectly, this behavior
causes a delay in every request. The no_wdelay option eliminates the delay.
•
Asynchronous Replies (async): Replies to requests before the data is stored to disk.
This improves performance, but results in lost data if the server goes down.
Actions: Actions available for each NFS export.
Nasuni Management Console Guide 7.9
96
Volumes Page
Exports
2. To add a new set of host options, click Add. The NFS Export: Host Options dialog box
appears.
Figure 7-40: NFS Export: Host Options dialog box.
a. In the Allowed Hosts text box, enter the hostname, or IP address with optional netmask, of
the host that is allowed to access the export folder on your network. If you leave this field
blank, all hosts on your network have access to the export without restrictions. Only a single
entry is allowed, however, the hostname can contain the * character as a wildcard.
b. From the Access Mode drop-down list, select an access mode. Your choices are:
•
Normal Users Permitted (root_squash): All users who have User IDs (UIDs) greater
than zero can map to the NFS export. (Typically, users with a UID of zero (root user) are
forcibly mapped to the anonymous NFS UID.) This is the same as “root_squash” on
UNIX systems: it reduces the access rights for a remote superuser (root).
•
All Users Permitted (no_root_squash): All users can map to the NFS export with their
normal UID. This is the same as “no_root_squash” on UNIX systems: it allows remote
root users to have root access.
•
Anonymize All Users (all_squash): All users are forcibly mapped to the anonymous
NFS UID. This is the same as “all_squash” on UNIX systems: it converts all users to the
anonymous UID and GID.
c. If you want the export folder to be read-only for users on the network, select the Read Only
check box. This means that users can access the export, but only have read-only rights and
therefore cannot make changes to any of the files in the exported folder.
Nasuni Management Console Guide 7.9
97
Volumes Page
Exports
d. From the Performance Tuning drop-down list, select the type of Performance Tuning. The
choices include the following:
•
Default (sync): Replies to each NFS request only after all data has been stored to disk.
This is safer than async, but there is a delay between the store and the reply.
•
No Write Delay (no_wdelay / sync): If NFS deduces a likelihood of a related storage
request arriving soon, then NFS’s optimization algorithm delays storage. This saves disk
writes and can speed performance. However, if NFS deduces incorrectly, this behavior
causes a delay in every request. The no_wdelay option eliminates the delay.
•
Asynchronous Replies (async): Replies to requests before the data is stored to disk.
This improves performance, but results in lost data if the server goes down.
e. To accept your selections, click Save Options. The export is changed and appears in the list
of exports.
3. To edit an existing set of host options, click Edit for the host option. The NFS Export: Host
Options dialog box appears. Follow the steps in step 2 above.
4. To delete a set of host options, click Delete. The “Remove NFS Host Option?” dialog box
appears. Click Delete.
5. To save the complete list of host options, click Save.
The host options for the export are changed.
Alternatively, to exit this screen without changing the export, click the Close button.
Nasuni Management Console Guide 7.9
98
Volumes Page
Exports
Deleting exports
To delete the selected export, follow these steps:
1. On the Exports page, click Delete
. The Delete Export dialog box appears.
Figure 7-41: Delete Export dialog box.
2. Verify that the correct export, volume, and Nasuni Filer appear.
3. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
4. Click Delete Export to delete the export.
Alternatively, to exit this screen without deleting the export, click the Close button.
Nasuni Management Console Guide 7.9
99
Volumes Page
FTP Directories
FTP Directories
You can create, view, edit, and delete FTP/SFTP directories for volumes that have the FTP/SFTP
protocol enabled. This enables you to allow FTP/SFTP access to directories and files without adding
new users.
Tip: In order to access data using the FTP/SFTP protocol, the following steps are necessary:
1. Create a CIFS or NFS volume. See “Create Volume” on page 64.
2. Enable the FTP protocol on the volume. See “Enabling multiple volume protocols” on
page 139.
3. (Optional) Configure FTP/SFTP settings. See “Editing FTP settings” on page 202.
4. Add a new FTP/SFTP directory. See “Creating FTP directories” on page 102.
5. (Optional) Create a permission group that has storage access. See “Adding Permission
Groups” on page 350 in the Nasuni Filer Administration Guide.
6. (Optional) Create a user in a permission group that has storage access. See “Adding Users”
on page 356 in the Nasuni Filer Administration Guide. Active Directory and LDAP users can
log in for FTP access just as they do for CIFS access. Also, if anonymous access is enabled,
you don't need a specific group or user.
7. Access files using the FTP/SFTP protocol.
Viewing FTP directories
To view FTP/SFTP directories, follow these steps:
1. Click Volumes, then click FTP Directories in the left-hand column. The FTP Directories page
displays a list of FTP/SFTP directories for volumes that have the FTP protocol enabled on
managed Nasuni Filers.
Figure 7-42: FTP Directories page.
The following information appears for each FTP/SFTP directory in the list:
•
Volume: The volume for the FTP/SFTP directory.
•
Filer: The name of the Nasuni Filer with volumes that have FTP/SFTP directories.
•
Name: The name of the FTP/SFTP directory.
•
Descriptive comment for the FTP/SFTP directory.
Nasuni Management Console Guide 7.9
100
Volumes Page
•
Path: The path to the FTP/SFTP directory.
•
Actions: Actions available for each FTP/SFTP directory.
•
Protocols: The supported versions of the FTP/SFTP protocol.
FTP Directories
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
volume: Matches values in the Volume field.
•
filer: Matches values in the Filer field.
•
name: Matches values in the Name field.
•
path: Matches values in the Path field.
On this screen, the following conditions are available:
•
anonymous: Matches whether anonymous access is enabled.
•
readonly: Matches whether read-only access is enabled.
Nasuni Management Console Guide 7.9
101
Volumes Page
FTP Directories
Creating FTP directories
Tip: You can only create FTP/SFTP directories for volumes that have the FTP protocol
enabled. To enable the FTP protocol for a volume, see “Enabling multiple volume protocols”
on page 139. To configure FTP/SFTP settings for this Nasuni Filer, see “Editing FTP settings”
on page 202.
To create a new FTP/SFTP directory on a volume that has the FTP protocol enabled, follow these
steps:
1. On the FTP Directories page, click Create FTP Directory. The Create FTP Directory page
appears.
Figure 7-43: Create FTP Directory page.
Nasuni Management Console Guide 7.9
102
Volumes Page
FTP Directories
2. From the Filer drop-down list, select the Nasuni Filer where you want to create the new FTP/
SFTP directory.
3. From the Volume drop-down list, select the volume on the selected Nasuni Filer where you
want to create the new FTP/SFTP directory.
4. Click the Path text box and navigate to the directory you want to access using FTP.
5. In the Name text box, enter a name for this FTP/SFTP directory. The following characters are
not valid for FTP/SFTP directory names:
< > : " / \ | ? *
Tip: For Windows uses, see Naming Files, Paths, and Namespaces.
6. Optionally, enter a descriptive comment in the Comment text box.
7. From the Visibility drop-down list, select the visibility of the new FTP/SFTP directory. Your
choices are:
•
Default: Every file is visible to the user. However, even if a file is visible to the user, the user
might not be able to access the file because of permissions.
•
Hide Unreadable: Files that the user does not have permission to access are not visible to
the user.
•
Invisible: No files are visible to the user. However, if a user has the filename of a file, and the
appropriate permission, the user can access the file.
8. If you want the FTP/SFTP directory to be read-only, select the Read Only check box. This
means that users can access the FTP/SFTP directory, but only have read-only rights and
therefore cannot make changes to any of the files or directories in the FTP/SFTP directory.
9. To control the permissions on new files in this FTP/SFTP directory, there are several choices,
which use umask settings to represent read, write, and execute permissions for the user, the
group, and others. Select one of the following choices from the Permissions on New Files
drop-down menu:
•
No Extra Restrictions (Default): The owner, the group, and all others have all permissions
for all files in this FTP/SFTP directory. This is a umask setting of 000, which, for a requested
permission of 777, produces 777.
•
Read-Only Others: The owner and the group have all permissions for all files in this FTP/
SFTP directory. Others can only read all files in this FTP/SFTP directory. This is a umask
setting of 002, which, for a requested permission of 777, produces 775.
•
Read-Only Groups and Others: The owner has all permissions for all files in this FTP/SFTP
directory. The group and others can only read all files in this FTP/SFTP directory. This is a
umask setting of 022, which, for a requested permission of 777, produces 755.
•
Restrict Others: The owner and the group have all permissions for all files in this FTP/SFTP
directory. Others have no permissions for all files in this FTP/SFTP directory. This is a umask
setting of 006, which, for a requested permission of 777, produces 771.
•
Restrict Groups and Others: The owner has all permissions for all files in this FTP/SFTP
directory. The group and others have no permissions for all files in this FTP/SFTP directory.
This is a umask setting of 066, which, for a requested permission of 777, produces 711.
Nasuni Management Console Guide 7.9
103
Volumes Page
•
FTP Directories
Read-Only Groups, Restrict Others: The owner has all permissions for all files in this FTP/
SFTP directory. The group can only read all files in this FTP/SFTP directory. Others have no
permissions for all files in this FTP/SFTP directory. This is a umask setting of 026, which, for
a requested permission of 777, produces 751.
10. To control which hosts are allowed to connect to this FTP/SFTP directory, in the IP
Restrictions text box, enter a comma-separated list of the IP addresses or subnet addresses of
the hosts that are allowed to access this FTP/SFTP directory. If you leave this field blank, all
hosts on your network have access to this FTP/SFTP directory without restrictions.
Note: You cannot use IP Restrictions in conjunction with Allowed Users/Groups in
step 11 on page 104.
11. To control the users and groups that have access to the FTP/SFTP directory, from the Allowed
Users/Groups drop-down list, select one of the following choices.
•
Everyone: Allows all users and groups to access the FTP/SFTP directory.
•
Anonymous Only: Allows only the anonymous user to access the FTP/SFTP directory. This
selection is only available if Anonymous is enabled, as in step 12 on page 107.
•
Specific Users/Groups: Allows you to specify the users and groups that have access to
this FTP/SFTP directory. The Allowed Groups and Allowed Users areas appear.
Note: You cannot use Allowed Users/Groups in conjunction with IP Restrictions in
step 10 on page 104.
Tip: A user can access the FTP/SFTP directory if the user is accessing the FTP/SFTP
directory from one of the allowed hosts and is either one of the allowed users or a member of
one of the allowed groups.
Tip: To specify users or groups, the users or groups must have Storage Access enabled. See
“Users and Groups” on page 347.
a. To add one group, follow these steps:
i.
In the Allowed Groups area, click Add One. The Name search box appears.
Figure 7-44: Add One Name search box.
Nasuni Management Console Guide 7.9
104
Volumes Page
FTP Directories
ii. Enter a partial or complete group name, then click Search
. The Select Group dialog
box appears, containing the partial or complete group name.
Figure 7-45: Select Group dialog box.
iii. To control the range of the search, select one of the following:
•
All: To search through all groups.
•
Domain only: To search though domain groups only.
•
Native only: To search through native groups only.
iv. Click Search. A list of groups that match your search appears. Select the group to define
access for, then click Add Selected Group. The selected group appears in the Allowed
Groups area.
Figure 7-46: Allowed Groups area.
b. To add more than one group, follow these steps:
i.
In the Allowed Groups area, click Add Many. The Select Groups dialog box appears.
ii. In the Search text box, enter a partial or complete group name.
iii. To control the range of the search, select one of the following:
•
All: To search through all groups.
•
Domain only: To search though domain groups only.
•
Native only: To search through native groups only.
iv. Click Search. A list of groups that match your search appears.
v. Select the groups to define access for, then click Add Selected Groups. The selected
groups appear in the Allowed Groups area.
c. To delete a group from the Allowed Groups list, click Delete next to the group name. The
group is deleted from the list.
Nasuni Management Console Guide 7.9
105
Volumes Page
FTP Directories
d. To add one user, follow these steps:
i.
In the Allowed Users area, click Add One. The Name search box appears.
Figure 7-47: Add One Name search box.
ii. Enter a partial or complete user name, then click Search
appears, containing the partial or complete user name.
. The Select User dialog box
Figure 7-48: Select User dialog box.
iii. To control the range of the search, select one of the following:
•
All: To search through all users.
•
Domain only: To search though domain users only.
•
Native only: To search through native users only.
iv. Click Search. A list of users that match your search appears. Select the user to define
access for, then click Add Selected User. The selected user appears in the Allowed
Users area.
Figure 7-49: Allowed Users area.
e. To add more than one user, follow these steps:
i.
In the Allowed Users area, click Add Many. The Select Users dialog box appears.
ii. In the Search text box, enter a partial or complete user name.
iii. To control the range of the search, select one of the following:
•
All: To search through all users.
•
Domain only: To search though domain users only.
•
Native only: To search through native users only.
Nasuni Management Console Guide 7.9
106
Volumes Page
FTP Directories
iv. Click Search. A list of users that match your search appears.
v. Select the users to define access for, then click Add Selected Users. The selected users
appear in the Allowed Users area.
f.
To delete a user from the Allowed Users list, click Delete next to the user name. The user is
deleted from the list.
12. To allow anonymous FTP/SFTP access, select the Anonymous check box.
Tip: If anonymous FTP/SFTP access is enabled, any user can access the FTP/SFTP
directory.
13. To accept your selections, click Create FTP Directory.
The FTP/SFTP directory is created and appears in the list of FTP directories. The FTP/SFTP
directory is available to users.
Nasuni Management Console Guide 7.9
107
Volumes Page
FTP Directories
Editing FTP directories
To edit the selected FTP/SFTP directory, follow these steps:
1. On the FTP Directories page, click Edit
. The Edit FTP Directory dialog box appears.
Figure 7-50: Edit FTP Directory dialog box.
2. Continue with step 4 on page 103. When finished, click Update FTP Directory.
The FTP/SFTP directory is changed and appears in the list of FTP directories. The FTP/SFTP
directory is available to users.
Alternatively, to exit this screen without changing the FTP/SFTP directory, click the Close
button.
Nasuni Management Console Guide 7.9
108
Volumes Page
FTP Directories
Deleting FTP directories
To delete the selected FTP/SFTP directory, follow these steps:
1. On the FTP Directories page, click Delete
. The Delete FTP Directory dialog box appears.
Figure 7-51: Delete FTP Directory dialog box.
2. Verify that the correct FTP/SFTP directory, volume, and Nasuni Filer appear.
3. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
4. Click Delete FTP Directory to delete the FTP/SFTP directory.
Alternatively, to exit this screen without deleting the FTP/SFTP directory, click the Close button.
Nasuni Management Console Guide 7.9
109
Volumes Page
Shares
Shares
You can create, view, edit, and delete CIFS shares from CIFS volumes.
Viewing shares
To view CIFS shares from CIFS volumes, follow these steps:
1. Click Volumes, then click Shares in the left-hand column. The Shares page displays a list of
shares from CIFS volumes on managed Nasuni Filers.
Figure 7-52: Shares page.
The following information appears for each CIFS share in the list:
•
Volume: The CIFS volume of the CIFS share.
•
Filer: The name of the Nasuni Filer where a CIFS share is located.
•
Share Name: The name of the CIFS share.
•
Descriptive comment for the CIFS share.
•
Path: The path to the CIFS share.
•
Security Mode (CIFS volumes only): The security mode of the CIFS share: Active Directory,
LDAP Directory Services, Publicly Available, or Unknown.
•
Actions: Actions available for each CIFS share.
•
Protocols: The supported versions of the CIFS or SMB protocol.
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
volume: Matches values in the Volume field.
•
filer: Matches values in the Filer field.
•
name: Matches values in the Share Name field.
•
path: Matches values in the Path field.
On this screen, the following conditions are available:
•
aio: Matches whether Asynchronous I/O is enabled.
Nasuni Management Console Guide 7.9
110
Volumes Page
Shares
•
authall: Matches whether Authenticate all Users is enabled.
•
browsable: Matches whether Visible Share is enabled.
•
browser_access: Matches whether Web Access is enabled.
•
case_sensitive: Matches whether Case-Sensitive Paths is enabled.
•
hide_unreadable: Matches whether Hide Unreadable Files is enabled.
•
mobile: Matches whether Mobile Access is enabled.
•
previous_versions: Matches whether Previous Versions is enabled.
•
readonly: Matches whether read-only access is enabled.
•
snapshot_dirs: Matches whether Snapshot Directory Access is enabled.
Creating shares
Tip: You can only add CIFS shares to a volume that has the CIFS protocol enabled. To create
a CIFS volume, see “Create Volume” on page 64. To enable the CIFS protocol for a volume,
see “Protocols” on page 137.
To create a new CIFS share, follow these steps:
1. On the Shares page, click Create Share. The Create Share page appears.
Figure 7-53: Create Share page (top part).
2. From the Filer drop-down list, select the Nasuni Filer where you want to create the new CIFS
share.
3. From the Volume drop-down list, select the CIFS volume where you want to create the new
CIFS share.
4. Click the Folder text box and navigate to the folder you want to share.
Nasuni Management Console Guide 7.9
111
Volumes Page
Shares
5. In the Name text box, enter a name for this share. The following characters are not valid for
share names:
<
>
:
"
/
\
|
?
*
Also, do not use the $ character at the end of the name of the share. Windows clients interpret
these shares as hidden.
If the Security of this Nasuni Filer is Directory Services, and if User Folders Support is
enabled, you can modify the name of the share to include the wildcard “%U” to represent the
user name. (See step 18 on page 117.) For example, the wildcard share name:
%U_share
for the user “rudyg” becomes the share name:
rudyg_share
If the share “%U_share” maps to the folder “/homes”, then, when the user maps
“rudyg_share”, the resulting location is “/homes/rudyg”. This can simplify creating multiple
shares for multiple users.
Tip: For Windows uses, see Naming Files, Paths, and Namespaces.
6. Optionally, enter a descriptive comment in the Comment text box.
7. If you want the share to be visible in the list of shares when users map the Nasuni Filer, select
the Visible Share check box. If the share is not visible, it does not appear in the list of shares
when users map the Nasuni Filer; however, if you know the share’s name, you can still map the
share directly.
Nasuni Management Console Guide 7.9
112
Volumes Page
Shares
8. If you want the share folder to be read-only for users on the network, select the Read Only
Share check box. This means that users can access the share, but only have read-only rights
and, therefore, cannot make changes to any of the files in the shared folder.
The Advanced Settings area contains additional settings.
Figure 7-54: Advanced Settings area.
9. In the Allowed Hosts text box, enter the IP addresses, IP address/netmask values, or ranges of
IP addresses of the hosts that are allowed to access the share folder on your network. If you
leave this field blank, all hosts on your network have access to the share without restrictions.
Separate entries with spaces.
Nasuni Management Console Guide 7.9
113
Volumes Page
Shares
10. In the Block files text box, enter the names of files or directories to make invisible and
inaccessible in the share. Enter one name per line. You can use wildcard characters, such as
“?” and “*”. Do not use the forward slash “/” character.
Note: Using this feature can break compatibility with some clients.
11. If the Security of this Nasuni Filer is Authenticated Access (meaning either Active Directory or
LDAP Directory Services), the Authentication, Groups, Users, and Asynchronous I/O options
appear. Otherwise, if the Security of this Nasuni Filer is Publicly Available, the Authentication,
Groups, Users, and Asynchronous I/O options do not appear.
12. To authenticate all users, from the Authentication drop-down list, select Authenticate all
Users.
13. Otherwise, to authenticate only specified groups and users, from the Authentication dropdown list, select Authenticate only specified Groups and Users. This enables the Groups and
Users areas.
Tip: To specify users or groups, the users or groups must have Storage Access enabled. See
“Console Users and Groups” on page 342.
a. To add one group, follow these steps:
i.
In the Groups area, click Add One. The Name search box appears.
Figure 7-55: Add One Name search box.
ii. Enter a partial or complete group name, then click Search
. The Select Group dialog
box appears, containing the partial or complete group name.
Figure 7-56: Select Group dialog box.
iii. To control the range of the search, select one of the following:
•
All: To search through all groups.
•
Domain only: To search though domain groups only.
•
Native only: To search through native groups only.
Nasuni Management Console Guide 7.9
114
Volumes Page
Shares
iv. Click Search. A list of groups that match your search appears. Select the group to define
access for, then click Add Selected Group. The selected group appears in the Groups
area.
Figure 7-57: Groups area.
b. To add more than one group, follow these steps:
i.
In the Groups area, click Add Many. The Select Groups dialog box appears.
ii. In the Search text box, enter a partial or complete group name.
iii. To control the range of the search, select one of the following:
•
All: To search through all groups.
•
Domain only: To search though domain groups only.
•
Native only: To search through native groups only.
iv. Click Search. A list of groups that match your search appears.
v. Select the groups to define access for, then click Add Selected Groups. The selected
groups appear in the Groups area.
c. For each group in the Groups list, from the Access drop-down list, select either Read-Write,
Read-Only, or Deny.
d. To delete a group from the Groups list, click Delete next to the group name. The group is
deleted from the list.
e. To add one user, follow these steps:
i.
In the Users area, click Add One. The Name search box appears.
Figure 7-58: Add One Name search box.
Nasuni Management Console Guide 7.9
115
Volumes Page
Shares
ii. Enter a partial or complete user name, then click Search
appears, containing the partial or complete user name.
. The Select User dialog box
Figure 7-59: Select User dialog box.
iii. To control the range of the search, select one of the following:
•
All: To search through all users.
•
Domain only: To search though domain users only.
•
Native only: To search through native users only.
iv. Click Search. A list of users that match your search appears. Select the user to define
access for, then click Add Selected User. The selected user appears in the Users area.
Figure 7-60: Users area.
f.
To add more than one user, follow these steps:
i.
In the Users area, click Add Many. The Select Users dialog box appears.
ii. In the Search text box, enter a partial or complete user name.
iii. To control the range of the search, select one of the following:
•
All: To search through all users.
•
Domain only: To search though domain users only.
•
Native only: To search through native users only.
iv. Click Search. A list of users that match your search appears.
v. Select the users to define access for, then click Add Selected Users. The selected users
appear in the Users area.
g. For each user in the Users list, from the Access drop-down list, select either Read-Write,
Read-Only, or Deny.
h. To delete a user from the Users list, click Delete next to the user name. The user is deleted
from the list.
Nasuni Management Console Guide 7.9
116
Volumes Page
Shares
14. To hide files and folders that a user cannot access, leave the Hide Unreadable Files check box
selected. This option is selected by default.
15. To allow clients to view or restore files using the Previous Versions tab in Windows, select the
Enable Previous Versions check box. For details on using Windows Previous Versions, see
your Microsoft Windows documentation.
Tip: When Windows Explorer has a folder open of a share hosted by a Nasuni Filer, you
might experience performance issues if you have enabled Previous Versions for that
share. To mitigate such performance issues:
• On the Nasuni Filer or the NMC, disable Previous Versions for the original share.
• Create a 2nd share identical to the first, and enable Previous Versions for the 2nd
share.
• Instruct users who are using the original share to NOT enable Windows Previous
Versions.
• If a user needs to use Windows Previous Versions, instruct them to use the 2nd share.
16. To enable case sensitivity for file or folder names, select the Case-Sensitive Paths check box.
Using case-sensitive paths improves performance.
Note: Even if case-sensitivity is not enabled, non-Windows clients such as Linux might
still treat the paths as case-sensitive.
17. To enable clients to access hidden snapshot directories within the share, select the Enable
Snapshot Directories check box. The volume must have Snapshot Directory Access enabled.
See “Snapshot Directory Access” on page 150.
Note: Snapshot directory access can add a significant load to the Nasuni Filer.
Note: When Enable Snapshot Directories is enabled on a share, you cannot delete
directories from the client.
Note: The setting of Windows Previous Versions is independent of the setting of
Snapshot Directory Access.
18. If the Security of this Nasuni Filer is Directory Services, then User Folders Support is available.
To enable User Folders Support, select Enabled from the User Folders Support drop-down
list. Otherwise, select Disabled from the User Folders Support drop-down list.
If enabled, the target folder path for the share is automatically appended with a folder named for
the user. For example, the share “homes” that points to the folder “/homes” mounted by the
user “rudyg” results in a mapping to “/homes/rudyg”. This can simplify setting up multiple
shares for multiple users.
In addition, you can modify the name of the share to include the wildcard “%U” to represent the
user name. See step 5 above for details.
Note: If you use this option, disabling case sensitivity is recommended.
Note: Even if Case-Sensitive Paths is not enabled, UNC paths accessed via User Folders
Support are case-sensitive.
Nasuni Management Console Guide 7.9
117
Volumes Page
Shares
19. To enable access by mobile devices, such as iPhones and Android phones, select the Desktop
and Mobile Access check box. For details on the Mobile Service, see “Mobile Settings” on
page 240 and “Mobile Licenses” on page 243. See www.nasuni.com/support/documentation
for a worksheet for planning configurations.
Also, to enable access using the Nasuni Desktop Client, select the Desktop and Mobile
Access check box. For more details on the Nasuni Desktop Client, see www.nasuni.com/
support/documentation for the Nasuni Desktop Client Administrator Guide and the Nasuni
Desktop Client User Guide.
20. To enable Web Access to files and folders, select the Web Access check box. The Web
Access Settings pane appears. Continue with specific instructions at “Web Access Settings”
on page 119.
Note: Web Access is not available with LDAP Directory Services security.
21. If the Security of this Nasuni Filer is Authenticated Access (meaning either Active Directory or
LDAP Directory Services), then Asynchronous I/O is available. This enables concurrent read and
write access to the share. To enable Asynchronous I/O, select Enable Asynchronous I/O.
Asynchronous I/O is enabled by default.
22. To enable support for the SMB2 protocol for Mac OS X clients, select Enhanced Support for
Mac OS X. Enabling this can speed up performance for Mac OS X clients.
23. To create the share, click Create Share. The share is created and appears in the list of CIFS
shares.
Nasuni Management Console Guide 7.9
118
Volumes Page
Shares
Web Access Settings
In the Web Access Settings pane, you can specify details about Shared Links.
A shared link is a secure, signed URL that points to a specific file or folder within Web Access. This can
be useful for providing a trusted partner or contractor with secure access to a folder or file that they do
not have credentials to access directly. For more details on shared links, see “Shared Links” on
page 159 in the Nasuni Filer Administration Guide. You can control how long until the shared link
expires, whether a password is required, and who is allowed to create shared links.
If Web Access is enabled, the Web Access Settings pane appears.
Figure 7-61: Web Access Settings pane.
To configure shared links, follow these steps:
1. To allow creating shared links, select Enable Shared Links.
2. If Shared Links are enabled, in the External Hostname text box, optionally enter an external
hostname that users can access for the shared links.
3. If shared links are enabled, in the Maximum Expiration text box, enter the maximum number of
days until a shared link expires. To specify that there is no limit to the time until expiration, enter
0 (zero).
4. If shared links are enabled, to specify that any shared links must include a password, select
Require Password.
5. If shared links are enabled, to allow creating shared links that permit writing to directories,
select Allow Writable Shared Links to Directories.
Nasuni Management Console Guide 7.9
119
Volumes Page
Shares
6. If shared links are enabled, select either Allow all Users or Allow only specified Groups and
Users from the Shared Link Permissions drop-down list.
7. If shared links are enabled, and you selected Allow only specified Groups and Users, you can
specify the groups and users who can create shared links.
Note: If you specify groups and also specify users within the specified groups, the
Access for the specified users is given by this table:
If the group Access is
and the user Access is: then the user’s actual Access
is:
Deny
Deny
Deny
Deny
Read-Write
Deny
Deny
Read-Only
Deny
Read-Write
Deny
Deny
Read-Write
Read-Write
Read-Write
Read-Write
Read-Only
Read-Write
Read-Only
Deny
Deny
Read-Only
Read-Write
Read-Write
Read-Only
Read-Only
Read-Only
If a user is not a member of a specified group, then the Access specification for the user is
not affected by the Access specification for the specified group.
Follow these steps:
a. To add one group, follow these steps:
i.
In the Groups area, click Add One. The Domain\Name search box appears.
Figure 7-62: Add One Name search box.
Nasuni Management Console Guide 7.9
120
Volumes Page
Shares
ii. Enter a partial or complete group name, then click Search
. The Select Group dialog
box appears, containing the partial or complete group name.
Figure 7-63: Select Group dialog box.
iii. To control the range of the search, select one of the following:
•
All: To search through all groups.
•
Domain only: To search though domain groups only.
•
Native only: To search through native groups only.
iv. Click Search. A list of groups that match your search appears.
v. Select the group, then click Add Selected Group. The selected group appears in the
Groups area.
Figure 7-64: Groups area.
b. To add more than one group, follow these steps:
i.
In the Groups area, click Add Many. The Select Groups dialog box appears.
ii. In the Search text box, enter a partial or complete group name.
iii. To control the range of the search, select one of the following:
•
All: To search through all groups.
•
Domain only: To search though domain groups only.
•
Native only: To search through native groups only.
iv. Click Search. A list of groups that match your search appears.
v. Select the groups, then click Add Selected Groups. The selected groups appear in the
Groups area.
Nasuni Management Console Guide 7.9
121
Volumes Page
Shares
c. For each group in the Groups list, from the Access drop-down list, select either Read-Write,
Read-Only, or Deny.
d. To delete a group from the Groups list, click Delete next to the group name. The group is
deleted from the list.
e. To add one user, follow these steps:
i.
In the Users area, click Add One. The Name search box appears.
Figure 7-65: Add One Name search box.
ii. Enter a partial or complete user name, then click Search
appears, containing the partial or complete user name.
. The Select User dialog box
Figure 7-66: Select User dialog box.
iii. To control the range of the search, select one of the following:
•
All: To search through all users.
•
Domain only: To search though domain users only.
•
Native only: To search through native users only.
iv. Click Search. A list of users that match your search appears. Select the user, then click
Add Selected User. The selected user appears in the Users area.
Figure 7-67: Users area.
f.
To add more than one user, follow these steps:
i.
In the Users area, click Add Many. The Select Users dialog box appears.
ii. In the Search text box, enter a partial or complete user name.
Nasuni Management Console Guide 7.9
122
Volumes Page
Shares
iii. To control the range of the search, select one of the following:
•
All: To search through all users.
•
Domain only: To search though domain users only.
•
Native only: To search through native users only.
iv. Click Search. A list of users that match your search appears.
v. Select the users, then click Add Selected Users. The selected users appear in the Users
area.
g. For each user in the Users list, from the Access drop-down list, select either Read-Write,
Read-Only, or Deny.
h. To delete a user from the Users list, click Delete next to the user name. The user is deleted
from the list.
8. Continue with the procedure at step 21 on page 118.
Tip: You can change the logo and the primary and secondary colors of the Web Access
display for branding purposes. See “Web Access Branding” on page 234.
Editing shares
To edit the selected share, follow these steps:
1. On the Shares page, for the selected share, click Edit
. The Edit Share dialog box appears.
Figure 7-68: Edit Share dialog box.
Follow the procedure in “Creating shares” on page 111, starting with step 4.
2. To accept your selections, click Update Share.
The share is changed and appears in the list of shares.
Alternatively, to exit this screen without changing the share, click the Close button.
Nasuni Management Console Guide 7.9
123
Volumes Page
Shares
Deleting shares
To delete a selected share, follow these steps:
1. On the Shares page, click Delete
. The Delete Share dialog box appears.
Figure 7-69: Delete Share dialog box.
2. The share name appears in the dialog box. Confirm that the correct share is about to be
deleted.
3. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
4. Click Delete Share to delete the share.
Alternatively, to exit this screen without deleting the share, click the Close button.
Nasuni Management Console Guide 7.9
124
Volumes Page
iSCSI
iSCSI
You can view and edit iSCSI volumes on the iSCSI page.
Viewing iSCSI volumes
To view iSCSI volumes, follow these steps:
1. Click Volumes, then click iSCSI. The Volume iSCSI Settings page displays a list of iSCSI
volumes on managed Nasuni Filers.
Figure 7-70: Volume iSCSI Settings page.
The following information appears for each iSCSI volume in the list:
•
Name: The name of the iSCSI volume.
•
Filer: The name of the Nasuni Filer where this volume is located.
•
Target Name: The iSCSI Qualified Name of the iSCSI target, in this format:
•
“iqn.”
•
Date that the naming authority took ownership of the domain, in yyyy-mm format.
•
“.”, followed by the reversed domain name of the authority, such as com.nasuni.
•
“:”, followed by a storage target name specified by the naming authority.
Example: iqn.2008-11.com.nasuni:filer.nasuni.net:51
•
Volume Size: The size of the iSCSI volume.
•
Allowed Hosts: IP addresses or subnet addresses of hosts that are allowed to access this
volume.
•
CHAP Username: Challenge-Handshake Authentication Protocol (CHAP) User Name with
which initiators must log in.
Nasuni Management Console Guide 7.9
125
Volumes Page
iSCSI
Editing iSCSI volumes
To edit iSCSI volumes, follow these steps:
1. On the Volume iSCSI Settings page, select the iSCSI volumes in the list that you want to edit.
2. Click Edit Volumes. The Edit iSCSI Settings dialog box appears.
Figure 7-71: Edit iSCSI Settings dialog box.
3. If only one iSCSI volume is selected, in the Target Name text box, you can change the Target
Name. The Target Name is the iSCSI Qualified Name of the iSCSI target, in this format:
•
“iqn.”
•
Date that the naming authority took ownership of the domain, in yyyy-mm format.
•
“.”, followed by the reversed domain name of the authority, such as com.nasuni.
•
“:”, followed by a storage target name specified by the naming authority.
Example: iqn.2008-11.com.nasuni:filer.nasuni.net:51
4. To control which hosts are allowed to connect to this volume, in the Allowed Hosts text box,
you can change the comma-separated list of the IP addresses or subnet addresses of the hosts
that are allowed to access this volume. If you leave this field blank, all hosts on your network
have access to this volume without restrictions.
5. To restrict access to this iSCSI volume, in the CHAP User Name text box, you can enter a
Challenge-Handshake Authentication Protocol (CHAP) User Name with which initiators must log
in. In the CHAP Password text box, you can enter a Challenge-Handshake Authentication
Protocol (CHAP) Password with which initiators must log in.
Nasuni Management Console Guide 7.9
126
Volumes Page
iSCSI
6. In the Volume Size text box, enter the Volume Size, in GB.
Note: All iSCSI (SAN) volume data is pinned in the cache. Therefore, the Volume Size of
an iSCSI volume is limited by the size of the cache. iSCSI volumes can use up to 75
percent of the cache. The computed limit is displayed.
Note: The Volume Size of an iSCSI volume can be increased, if necessary, but not
decreased.
7. Click Save iSCSI Settings. The changes to the iSCSI settings are saved and appear in the list of
iSCSI volumes.
Alternatively, to exit the dialog box without changing the iSCSI settings, click Close.
Nasuni Management Console Guide 7.9
127
Volumes Page
Auto Cached Folders
Auto Cached Folders
You can view folders that have Auto Cache enabled.
If you enable the “Auto Cache” option for a folder, new data in that folder is brought into the local cache
immediately from other Nasuni Filers that are attached to this volume. Otherwise, new data is brought
into the local cache from other Nasuni Filers when that data is accessed next.
Note: Before enabling Auto Cache for a folder, the folder’s volume must have Remote
Access enabled and Auto Cache enabled. For details, see “Editing remote access settings”
on page 148 and “Scheduling Syncs” on page 158.
Note: Auto Cache is only available for shared or remote volumes.
Note: You can also enable Auto Cache for volumes. See “Scheduling Syncs” on page 158.
Tip: To enable or disable Auto cache for a folder, see “Enabling Auto Cache for Folders” on
page 83.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing folders that have Auto Cache enabled
To view folders that have Auto Cache enabled, follow these steps:
1. Click Auto Cached Folders. The Auto Cached Folders page displays a list of folders that have
Auto Cache enabled on managed Nasuni Filers.
Figure 7-72: Auto Cached Folders page.
2. Click the right-facing arrow beside each folder to reveal the folders that have Auto Cache
enabled for each Nasuni Filer for that folder. To reveal the folders that have Auto Cache enabled
of all Nasuni Filers, click Expand All. To collapse the display of the folders that have Auto Cache
enabled of all Nasuni Filers, click Collapse All.
The following information appears for each folder that has Auto Cache enabled in the list:
•
Name: The name of the folder that has Auto Cache enabled.
•
Filer: The names or number of Nasuni Filers that access the folder that has Auto Cache
enabled.
•
Volume Auto Cache: Indicates whether Auto Cache is enabled or disabled for the volume:
Enabled or Disabled.
•
Path: The path to the folder that has Auto Cache enabled.
Nasuni Management Console Guide 7.9
128
Volumes Page
Auto Cached Folders
Disabling Auto Cache
To disable Auto Cache for a folder, follow these steps:
1. Click Auto Cached Folders. The Auto Cached Folders page displays a list of folders that have
Auto Cache enabled on managed Nasuni Filers.
Figure 7-73: Auto Cached Folders page.
2. Click the right-facing arrow beside each folder to reveal the folders that have Auto Cache
enabled for each Nasuni Filer for that folder. To reveal the folders that have Auto Cache enabled
for all Nasuni Filers, click Expand All. To collapse the display of the folders that have Auto
Cache enabled for all Nasuni Filers, click Collapse All.
3. For the folder where you want to disable Auto Cache, click Disable. The Disable Folder Setting
dialog box appears.
Figure 7-74: Disable Folder Setting page.
4. Verify that the information is correct, then click Disable Folder Setting.
Auto Cache is disabled for the folder.
Nasuni Management Console Guide 7.9
129
Volumes Page
Encryption Keys
Encryption Keys
You can view, add, enable, and disable volume encryption keys on the Volume Encryption Keys page.
Note: You can upload encryption keys to the Nasuni Management Console. See “Uploading
(importing or adding) encryption keys to the NMC” on page 324.
Note: You can send encryption keys from the Nasuni Management Console to Nasuni Filers.
See “Sending encryption keys to Nasuni Filers” on page 211.
All data on a volume is encrypted using one or more encryption keys before being sent to cloud
storage. Volumes may be encrypted with one or more encryption keys, and encryption keys may be
used for any number of volumes.
There are several actions you can perform on encryption keys, including adding new encryption keys,
enabling or disabling encryption keys, escrowing encryption keys with Nasuni, and, under certain
circumstances, deleting encryption keys.
Important: All uploaded encryption keys should be at least 2048 bits long.
At least one encryption key must be enabled for a volume, but several encryption keys can be enabled
at the same time. When multiple encryption keys are enabled, all of the enabled encryption keys are
used to encrypt data in such a way that any one of the encryption keys can decrypt the data.
There are several reasons you might want to disable an encryption key, such as, when someone with
access to the encryption key leaves the company, or if your enterprise has a policy of rotating
encryption keys periodically. When you disable an encryption key, no future data is encrypted with that
encryption key. However, all data previously encrypted by that disabled encryption key remains
encrypted by that disabled encryption key. For this reason, before you disable an encryption key, you
should consider establishing a snapshot retention policy that removes the data that was encrypted with
the disabled encryption key.
Because volumes must have at least one encryption key associated with them, in practice you add a
new encryption key to a volume first, and then disable the existing encryption key.
You can delete encryption keys, but only in the case where they are not being used by any volumes.
You cannot modify encryption keys stored on the system. For security reasons, encryption keys that
you upload cannot be downloaded from the system. You can only download encryption keys that the
Nasuni Filer has generated internally.
Nasuni Management Console Guide 7.9
130
Volumes Page
Encryption Keys
Viewing encryption keys
Note: The list of encryption keys on the Volumes page only shows encryption keys that are in
use by a volume. If you upload encryption keys to a Nasuni Filer, but do not use the
encryption keys on a volume, the encryption keys do not appear on this page. However, such
encryption keys do appear on the list of encryption keys on the Filers page. See “Viewing
encryption keys on Nasuni Filers” on page 209.
To view encryption keys, follow these steps:
1. Click Volumes, then click Encryption Keys in the left-hand column. The Volume Encryption
Keys page displays a list of volume encryption keys on managed Nasuni Filers.
Figure 7-75: Volume Encryption Keys page.
The following information appears for each encryption key in the list:
•
Name: The name of the volume with the encryption key.
•
Filer: The name of the Nasuni Filer where this volume is located.
•
Encryption Keys: The names of the encryption keys for this volume.
•
•
Fingerprint: The fingerprint is a cryptographic hash of the encryption key.
•
State: The state of this encryption key: Enabled or Disabled.
Actions: Actions available for each volume.
Adding encryption keys to a volume
To add encryption keys to a volume, follow these steps:
1. On the Volume Encryption Keys page, for the selected volume, click Edit
Encryption Keys dialog box appears.
. The Edit
Figure 7-76: Edit Encryption Keys dialog box.
Nasuni Management Console Guide 7.9
131
Volumes Page
Encryption Keys
2. To add an existing encryption key to this volume, click Add Keys. The Add Encryption Keys
dialog box appears
Figure 7-77: Add Encryption Keys dialog box.
In this dialog box, you can view information about each of the encryption keys currently
available to use, including the encryption key Name, Fingerprint, and Key ID. The fingerprint is
a cryptographic hash of the encryption key. The key ID is a shorter version of the fingerprint of
the encryption key, generally including just the last 8 digits.
3. Select the encryption keys to add to this volume.
4. Click Add Encryption Keys. The selected encryption keys are added to this volume. The
encryption keys appear in the list of encryption keys on the Volume Encryption Keys page.
Enabling encryption keys for a volume
To enable encryption keys for a volume, follow these steps:
1. On the Volume Encryption Keys page, for the selected volume, click Edit
Encryption Keys dialog box appears.
. The Edit
Figure 7-78: Edit Encryption Keys dialog box.
Nasuni Management Console Guide 7.9
132
Volumes Page
Encryption Keys
2. To enable an encryption key for this volume, click Enable.
3. Click Save Encryption Keys. The selected encryption key is enabled for this volume. The
encryption key appears in the list of encryption keys on the Volume Encryption Keys page with
the state Enabled.
Alternatively, to exit the dialog box without enabling the selected encryption key, click Close.
Disabling encryption keys for a volume
To disable encryption keys for a volume, follow these steps:
1. On the Volume Encryption Keys page, for the selected volume, click Edit
Encryption Keys dialog box appears.
. The Edit
Figure 7-79: Edit Encryption Keys dialog box.
2. To disable an encryption key for this volume, click Disable.
3. Click Save Encryption Keys. The selected encryption key is disabled for this volume. The
encryption key appears in the list of encryption keys on the Volume Encryption Keys page with
the state Disabled.
Alternatively, to exit the dialog box without disabling the selected encryption key, click Close.
Nasuni Management Console Guide 7.9
133
Volumes Page
Name of volume
Name of volume
You can view or change the name of a volume.
Note: If a snapshot is in progress when you attempt to rename a volume, you receive a
message to retry after the snapshot is complete.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing volume names
To view volume names, follow these steps:
1. Click Name. The Volume Name page displays a list of volume names.
Figure 7-80: Volume Name page.
The following information appears for each volume name in the list:
•
Name: The name of the volume.
•
Filer: The name of the Nasuni Filer where this volume is located.
•
Actions: Actions available for each volume.
Nasuni Management Console Guide 7.9
134
Volumes Page
Name of volume
Changing volume name
To rename a volume, follow these steps:
1. On the Volume Name page, select a volume, then click Edit
dialog box appears.
. The Volume Name Settings
Figure 7-81: Volume Name Settings dialog box.
2. Enter the new name for the volume in the Volume Name text box.
Note: For iSCSI volumes, the iSCSI volume name is used to generate the target name.
This includes changing any upper-case letters to lower-case, and changing any nonASCII symbols to their hex code.
3. Click Save Name. The volume name is changed. The volume appears in the list on the Volume
Name page.
Alternatively, to exit the dialog box without changing the volume name, click Close.
Nasuni Management Console Guide 7.9
135
Volumes Page
Pinned Folders
Pinned Folders
You can view pinned folders.
Pinning a folder ensures that a folder's contents must remain in the local cache at all times. This can
improve performance and reduce the time necessary to return accessed data to clients.
Note: Enabling this feature means that the entire folder remains resident in the cache at all
times. This reduces the available cache by the size of the folder. If too much cache space is
taken up by pinned folders, an Alert notification is given.
Note: Pinning a folder does not bring the folder’s data into the cache. If the folder’s data is
not already present in the cache, you must specifically bring that data to the cache. You can
use the File Browser to bring data to the cache. See “Bringing Data into Cache of the Nasuni
Filer” on page 80.
Note: All iSCSI data is pinned in the cache, so it is not necessary to pin iSCSI volumes.
Note: To enable or disabling pinning for a folder, see “Pinning Folders in the Cache” on
page 81.
To view unprotected files in the cache, see “Unprotected Files” on page 89.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing and disabling pinned folders
To view or disable pinned folders, follow these steps:
1. Click Pinned Folders. The Pinned Folders page displays a list of pinned folders on managed
Nasuni Filers.
Figure 7-82: Pinned Folders page.
2. Click the right-facing arrow beside each folder to reveal the pinned folders for each Nasuni Filer
for that folder. To reveal the pinned folders of all Nasuni Filers, click Expand All. To collapse the
display of the pinned folders of all Nasuni Filers, click Collapse All.
The following information appears for each pinned folder in the list:
•
Name: The name of the pinned folder.
•
Filer: The names or number of Nasuni Filers that access the pinned folder.
•
Path: The path to the pinned folder, or “Entire Volume” if the entire volume is pinned.
3. To disable pinning for a folder, click Disable for that folder. The folder is no longer pinned.
Nasuni Management Console Guide 7.9
136
Volumes Page
Protocols
Protocols
You can assign CIFS, NFS, and FTP/SFTP protocols to existing CIFS and NFS volumes. This enables
you to allow access to data using multiple protocols. This might be helpful for simplifying access by
users or applications.
Tip: You cannot assign multiple protocols to a volume to which a volume running a pre-6.0
version is connected. Update the connected volume to version 6.0 or later first, then perform
a snapshot for the volume.
Note: If a volume has Remote Access enabled and other volumes connect to this volume,
the connected volumes inherit the same protocols as this volume. If these protocols change,
the connected volumes inherit the changed protocols. This can take some time. You can
refresh the volume connections in order to inherit the changed protocols immediately. The
connected Nasuni Filer must be running version 6.0 or later software in order to connect to a
remote volume that has multiple protocols defined.
Tip: In order to access data using the FTP/SFTP protocol, the following steps are necessary:
1. Create a CIFS or NFS volume. See “Create Volume” on page 64.
2. Enable the FTP protocol on the volume. See “Enabling multiple volume protocols” on
page 139.
3. (Optional) Configure FTP/SFTP settings. See “Editing FTP settings” on page 202.
4. Add a new FTP/SFTP directory. See “Creating FTP directories” on page 102.
5. (Optional) Create a permission group that has storage access. See “Adding Permission
Groups” on page 350 in the Nasuni Filer Administration Guide.
6. (Optional) Create a user in a permission group that has storage access. See “Adding Users”
on page 356 in the Nasuni Filer Administration Guide. Active Directory and LDAP users can
log in for FTP access just as they do for CIFS access. Also, if anonymous access is enabled,
you don't need a specific group or user.
7. Access files using the FTP/SFTP protocol.
Viewing multiple volume protocols
To view the protocols that are enabled for volumes, follow these steps:
1. Click Protocols. The Volume Protocols page displays a list of volume names.
Figure 7-83: Volume Protocols page.
Nasuni Management Console Guide 7.9
137
Volumes Page
Protocols
The following information appears for each volume name in the list:
•
Name: The name of the volume.
•
Filer: The name of the Nasuni Filer where this volume is located.
•
Protocols: The protocols enabled for the volume.
•
Permissions Policy: The permissions policy for the selected protocols, out of the following:
UNIX/NFS Permissions Only Mode: Default mode for NFS volumes. Recommended for
primary or heavy NFS use. Not recommended for Windows users. Only the traditional UNIX
mode bits control permissions (chmod). Windows can view permissions as access control
lists (ACLs), but cannot add or remove access control entries (ACEs). Windows CIFS users
can change permissions using the Security tab of the Windows Properties dialog box.
NTFS Compatible Mode: Default mode for CIFS volumes on Nasuni Filers joined to Active
Directory. Recommended for volumes with only CIFS protocol enabled, or for volumes with
CIFS and FTP/SFTP protocols enabled, but with read-only FTP/SFTP or only occasional
FTP/SFTP writes. Not recommended for mixed protocol support. Produces full NTFS
permissions, as supported on CIFS/SMB. Windows clients obey inheritance rules. NFS and
FTP/SFTP protocols cannot see all NTFS permissions and do not obey all access rules in
NTFS permissions. NFS and FTP/SFTP protocols obey only the POSIX access control list
(ACL) component of inheritance rules.
POSIX Mixed Mode: Default mode for CIFS volumes on Nasuni Filers joined to LDAP.
Recommended for combined CIFS and FTP/SFTP volumes, with light NFS use. Also
recommended for CIFS-only volumes with Linux or Mac clients, with UNIX extensions
enabled. Access control lists (ACLs) are supported entirely through POSIX ACLs. Windows
clients receive mapping of POSIX ACLs to NTFS ACLs. However, the mappings are not as
complete as mappings done for NTFS Compatible Mode. NFS clients cannot view the ACLs.
The NFSv4 protocol automatically translates the underlying ACLs to NFSv4 ACLs. The
common tools for managing POSIX ACLs are not supported on NFSv4. To manage ACLs
using NFSv4, you must use the NFSv4 ACL tools. Not all Nasuni Filers support NFSv4. You
can check whether NFSv4 is supported on the NFS Status page (Nasuni Filers) or the
Exports page (NMC).
Unauthenticated Access Mode: Default mode for CIFS volumes on Nasuni Filers that are
not joined to Active Directory or to LDAP. Recommended for CIFS Public-mode volumes.
Nasuni Management Console Guide 7.9
138
Volumes Page
Protocols
For CIFS clients, this mode acts as an open share. For all other protocols, this mode acts
identically to POSIX Mixed Mode.
Actions: Actions available for each volume.
Enabling multiple volume protocols
To enable CIFS, NFS, or FTP/SFTP protocols for a CIFS or NFS volume, follow these steps:
1. Click Protocols. The Volume Protocols page displays a list of volume names.
Figure 7-84: Volume Protocols page.
2. For the selected volume, click Edit
. The Volume Protocol Settings dialog box appears.
Figure 7-85: Volume Protocol Settings dialog box.
The currently enabled protocols for the volume are selected.
3. To enable another protocol, select that protocol also.
Warning: After enabling a protocol, you cannot disable that protocol.
4. From the Volume Permissions Policy drop-down list, select one of the following:
UNIX/NFS Permissions Only Mode: Default mode for NFS volumes. Recommended for
primary or heavy NFS use. Not recommended for Windows users. Only the traditional UNIX
mode bits control permissions (chmod). Windows can view permissions as access control lists
(ACLs), but cannot add or remove access control entries (ACEs). Windows CIFS users can
change permissions using the Security tab of the Windows Properties dialog box.
NTFS Compatible Mode: Default mode for CIFS volumes on Nasuni Filers joined to Active
Directory. Recommended for volumes with only CIFS protocol enabled, or for volumes with
CIFS and FTP/SFTP protocols enabled, but with read-only FTP/SFTP or only occasional FTP/
SFTP writes. Not recommended for mixed protocol support. Produces full NTFS permissions,
as supported on CIFS/SMB. Windows clients obey inheritance rules. NFS and FTP/SFTP
Nasuni Management Console Guide 7.9
139
Volumes Page
Protocols
protocols cannot see all NTFS permissions and do not obey all access rules in NTFS
permissions. NFS and FTP/SFTP protocols obey only the POSIX access control list (ACL)
component of inheritance rules.
POSIX Mixed Mode: Default mode for CIFS volumes on Nasuni Filers joined to LDAP.
Recommended for combined CIFS and FTP/SFTP volumes, with light NFS use. Also
recommended for CIFS-only volumes with Linux or Mac clients, with UNIX extensions enabled.
Access control lists (ACLs) are supported entirely through POSIX ACLs. Windows clients
receive mapping of POSIX ACLs to NTFS ACLs. However, the mappings are not as complete as
mappings done for NTFS Compatible Mode. NFS clients cannot view the ACLs.
The NFSv4 protocol automatically translates the underlying ACLs to NFSv4 ACLs. The common
tools for managing POSIX ACLs are not supported on NFSv4. To manage ACLs using NFSv4,
you must use the NFSv4 ACL tools. Not all Nasuni Filers support NFSv4. You can check
whether NFSv4 is supported on the NFS Status page (Nasuni Filers) or the Exports page (NMC).
Unauthenticated Access Mode: Default mode for CIFS volumes on Nasuni Filers that are not
joined to Active Directory or to LDAP. Recommended for CIFS Public-mode volumes. For CIFS
clients, this mode acts as an open share. For all other protocols, this mode acts identically to
POSIX Mixed Mode.
Click Save Protocol Settings.
The selected protocol is enabled, and the selected volume permissions policy is enabled.
Alternatively, to exit the dialog box without changing the volume protocol settings, click Close.
Tip: To add a CIFS share to a volume, see “Creating shares” on page 111. To add an NFS
export to a volume, see “Creating exports” on page 92. To add an FTP/SFTP directory to a
volume, see “Creating FTP directories” on page 102.
Nasuni Management Console Guide 7.9
140
Volumes Page
Quota
Quota
You can view or change the quota (maximum capacity) of volumes. You can also view or change quota
rules and quotas for folders.
For CIFS and NFS volumes and FTP/SFTP directories, the volume quota (maximum capacity) enables
you to limit the amount of storage space for a volume, including snapshots, which helps you to control
your storage costs. Unlimited storage space is available. However, the volume is limited to your
licensed capacity. Nasuni recommends that you only increase volume quotas rather than decrease
them.
Note: A notification occurs when the volume reaches 90 percent of the volume quota.
Another notification occurs when the volume reaches the volume quota. If the volume is
shared, then the volume quota is compared to the sum of all Nasuni Filers connected to the
volume.
Note: You can also set Directory Quotas on folders. See “Setting Quota or Rule” on page 85.
You can schedule the resulting quota reports here: “Quota Reports” on page 221.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing volume quota setting
To view the volume quota settings, follow these steps:
1. Click Quota. The Volume Quota page displays a list of volumes on managed Nasuni Filers.
Figure 7-86: Volume Quota page.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Filer: The Nasuni Filer that contains the volume.
•
Quota: The volume quota setting in GB, or “Unlimited” to the limit of licensed capacity.
Nasuni Management Console Guide 7.9
141
Volumes Page
Quota
Editing volume quota
To edit volume quota, follow these steps:
1. On the Volume Quota page, select the volumes in the list whose volume quota setting you want
to edit.
2. Click Edit Volumes. The Volume Quota Settings dialog box appears.
Figure 7-87: Volume Quota Settings dialog box.
3. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
4. In the Volume Quota text box, enter the volume quota for the selected volumes (in gigabytes or
fractions of a gigabyte, such as 6.8). “0 GB” means unlimited, to the limit of licensed capacity.
5. Click Save Quota. The volume quota settings are changed. The volume appears in the list on
the Volume Quota page.
Alternatively, to exit the dialog box without changing the volume quota settings, click Close.
Viewing, editing, and deleting folder quotas
A folder quota applies the specified limit only to the selected volume or folder.
To view the volume quota rules, follow these steps:
1. Click Quota Folders. The Volume Quota Folders page displays a list of volumes on managed
Nasuni Filers.
Figure 7-88: Volume Quota Folders page.
Note: Volumes on Nasuni Filers running pre-6.0 versions do not appear in the Quota
Folders list.
The following information appears for each volume in the list:
•
Volume: The name of the volume.
Nasuni Management Console Guide 7.9
142
Volumes Page
Quota
•
Filer: The Nasuni Filer that contains the volume.
•
Path: The full path to the folder with the quota.
•
Email: The email address to use for alerts for this quota.
•
Limit: The limit for the quota.
•
Usage: The current storage usage for the folder, and the percentage of the quota.
2. To edit a folder quota, click Edit. The Edit Quota Settings dialog box appears.
Figure 7-89: Edit Quota Settings dialog box.
3. From the Quota Type drop-down list, select one of the following choices:
Tip: To change the quota type, you must first delete the existing quota.
•
Rule: Applies the specified Limit to any newly created subdirectories of the selected volume
or folder. To apply the specified Limit to existing subdirectories, see step 6 on page 86
below.
Important: Quotas cannot be nested. Quotas cannot be created anywhere in a
directory tree that already has a quota set in one of the parents. Quotas also cannot
be created on any parent directory when any of the subdirectories has a quota
already.
•
Quota: Applies the specified Limit only to the selected volume or folder.
4. (Optional) To receive reports when the selected volume or folder is near or over its Limit, in the
Email text box, enter an email address.
Tip: If User Folders Support is enabled for the CIFS share that the directory is in, then the
email address of the directory owner is used automatically. This prevents the necessity of
manually entering hundreds of email addresses for multi-user systems. See step 18 on
page 117. However, if the email address is entered here, the entered email address
overrides looking up an email address from Directory Services.
Nasuni Management Console Guide 7.9
143
Volumes Page
Quota
5. In the Limit text box, enter or select the quota limit (in gigabytes or fractions of a gigabyte, such
as 6.8). The content size of uncompressed data is displayed to help you decide on a quota limit.
6. For the Rule quota type, to apply the same Limit to the data in any existing sub-directories of
the selected directory, select the Apply to existing sub-directories check box.
7. Click Save Quota. The volume quota settings are changed. The volume appears in the list on
the Volume Quota page.
Alternatively, to exit the dialog box without changing the volume quota settings, click Close.
Viewing folder quota rules
A folder quota rule applies the specified limit to any newly created subdirectories of the selected
volume or folder.
To view the folder quota rules, follow these steps:
1. Click Quota Rules. The Volume Quota Rules page displays a list of volumes on managed
Nasuni Filers.
Figure 7-90: Volume Quota Rules page.
Note: Volumes on Nasuni Filers running pre-6.0 versions do not appear in the Quota
Rules list.
The following information appears for each volume in the list:
•
Volume: The name of the volume.
•
Filer: The Nasuni Filer that contains the volume.
•
Path: The full path to the folder with the quota rule.
•
Email: The email address to use for alerts for this quota rule.
•
Limit: The limit for the quota rule.
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
volume: Matches values in the Volume field.
•
filer: Matches values in the Filer field.
•
path: Matches values in the Path field.
Nasuni Management Console Guide 7.9
144
Volumes Page
Quota
Editing and deleting folder quota rules
To edit a folder quota rule, follow these steps:
1. Click Edit. The Edit Quota Settings dialog box appears.
Figure 7-91: Edit Quota Settings dialog box.
2. From the Quota Type drop-down list, select one of the following choices:
Tip: To change the quota type, you must first delete the existing quota.
•
Rule: Applies the specified Limit to any newly created subdirectories of the selected volume
or folder. To apply the specified Limit to existing subdirectories, see step 6 on page 86
below.
Important: Quotas cannot be nested. Quotas cannot be created anywhere in a
directory tree that already has a quota set in one of the parents. Quotas also cannot
be created on any parent directory when any of the subdirectories has a quota
already.
•
Quota: Applies the specified Limit only to the selected volume or folder.
3. (Optional) To receive reports when the selected volume or folder is near or over its Limit, in the
Email text box, enter an email address.
Tip: If User Folders Support is enabled for the CIFS share that the directory is in, then the
email address of the directory owner is used automatically. This prevents the necessity of
manually entering hundreds of email addresses for multi-user systems. See step 18 on
page 117. However, if the email address is entered here, the entered email address
overrides looking up an email address from Directory Services.
4. In the Limit text box, enter or select the quota limit (in gigabytes or fractions of a gigabyte, such
as 6.8). The content size of uncompressed data is displayed to help you decide on a quota limit.
Nasuni Management Console Guide 7.9
145
Volumes Page
Quota
5. Click Save Rule. The volume quota rule settings are changed. The volume appears in the list on
the Volume Quota page.
Alternatively, to exit the dialog box without changing the settings, click Close.
Nasuni Management Console Guide 7.9
146
Volumes Page
Remote Access
Remote Access
Remote access allows one or more Nasuni Filers to connect, using Nasuni, to a volume associated with
another Nasuni Filer. You can view or change the remote access setting of volumes.
You can enable or disable access to a CIFS or NFS volume or FTP/SFTP directory by your remote
offices attached to your Nasuni.com account. If remote access to a volume or FTP/SFTP directory is
enabled, you can select permissions for remote access to this volume.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Tip: Perform any necessary data migrations to the volume before enabling Remote Access.
Otherwise, data migration processing can impact the synchronization of remote volumes.
Note: The Nasuni Filer must be running version 6.0 or later software in order to connect to a
remote volume that has multiple protocols defined (including CIFS, NFS, and FTP).
Viewing remote access setting
To view the remote access settings, follow these steps:
1. Click Remote Access. The Volume Remote Access Setting page displays a list of CIFS and
NFS volumes on managed Nasuni Filers.
Figure 7-92: Volume Remote Access Setting page.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Filer: The Nasuni Filer that contains the volume.
•
Protocol: The protocol of the volume: CIFS, NFS, or FTP.
•
Security Mode (CIFS volumes only): The security mode of the CIFS volume: Active
Directory, LDAP Directory Services, Publicly Available, or Unknown.
•
Permissions (if currently remotely accessible): The current permissions for the remotely
accessible volume: Read-Only, Read/Write, or Custom.
•
Enabled: The remote access setting of the volume: Enabled (remotely accessible) or
Disabled (not remotely accessible).
Nasuni Management Console Guide 7.9
147
Volumes Page
Remote Access
Editing remote access settings
Note: The Nasuni Filer must be running version 6.0 or later software in order to connect to a
remote volume that has multiple protocols defined (including CIFS, NFS, and FTP).
To edit remote access settings, follow these steps:
1. On the Volume Remote Access Setting page, select the volumes in the list whose remote
access settings you want to edit.
2. Click Edit Volumes. The Edit Volume Remote Access Settings dialog box appears.
Figure 7-93: Edit Volume Remote Access Settings dialog box.
3. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
4. Click Enabled to set On (volume is remotely accessible) or Off (volume is not remotely
accessible).
5. If access to this volume is enabled, from the Remote Access Permissions drop-down list, select
either Read Only, Read/Write, or Custom.
•
Read Only: All other Nasuni Filers on this account can view the data on the selected
volume, but cannot change that data.
•
Read/Write: All other Nasuni Filers on this account can view the data on the selected
volume, and can also change that data.
•
Custom: You specify the access for each other Nasuni Filer on this account separately.
Note: If you choose Custom, new Nasuni Filers on this account cannot access the
volume until you explicitly provide the type of access.
Nasuni Management Console Guide 7.9
148
Volumes Page
Remote Access
6. If you select Custom remote access permissions, then you use the Custom Remote Access
Permissions list of other Nasuni Filers on your account.
For each other Nasuni Filer on this account, select the drop-down list beside the name of the
Nasuni Filer and select either Disabled, Read Only, or Read/Write.
•
Disabled: This Nasuni Filer cannot view or change the data on the selected volume.
•
Read Only: This Nasuni Filer can view the data on the selected volume, but cannot change
that data.
•
Read/Write: This Nasuni Filer can view the data on the selected volume, and can also
change that data.
7. Click Save Remote Access Settings. The volume remote access settings are changed. The
volume appears in the list on the Volume Remote Access Setting page.
Alternatively, to exit the dialog box without changing the volume remote access settings, click
Close.
Nasuni Management Console Guide 7.9
149
Volumes Page
Snapshot Directory Access
Snapshot Directory Access
You can enable access to the snapshot directory to permit browsing the snapshot history and viewing
the files and directories for NFS exports, CIFS shares, and FTP/SFTP directories.
Note: Snapshot directory access can add a significant load to the Nasuni Filer.
Note: Snapshot directory access is not available for iSCSI volumes.
Note: With volumes on which the CIFS protocol has been enabled, for snapshot directory
access to operate, snapshot directory access must also be enabled for the CIFS share. For
details, see step 17 on page 117.
Viewing snapshot directory access settings
To view the snapshot directory access settings, follow these steps:
1. Click Snapshot Access. The Volume Snapshot Directory Access page displays a list of volumes
on managed Nasuni Filers.
Figure 7-94: Volume Snapshot Directory Access page.
2. Click the right-facing arrow beside each volume to reveal the snapshot directory access setting
for each Nasuni Filer for that volume. To reveal the settings for all volumes of all Nasuni Filers,
click Expand All. To collapse the display of the settings for all volumes of all Nasuni Filers, click
Collapse All.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Filer: The Nasuni Filer that contains the volume.
•
Protocol: The protocol of the volume: CIFS, NFS, or FTP.
•
Snapshot Directory Access: The snapshot directory access setting: Enabled or Disabled.
Nasuni Management Console Guide 7.9
150
Volumes Page
Snapshot Directory Access
Editing snapshot directory access settings
To enable access to the snapshot directory for a volume, follow these steps:
1. On the Volume Snapshot Directory Access page, select the volumes in the list whose
snapshot directory access settings you want to edit.
2. Click Edit Volumes. The Edit Snapshot Directory Access dialog box appears.
Figure 7-95: Edit Snapshot Directory Access dialog box.
3. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
4. To enable access to the snapshot directory, select Enable Snapshot Directory Access to On.
5. Click Save. The snapshot directory access settings are changed. The volume appears in the list
on the Volume Snapshot Directory Access page.
Alternatively, to exit the dialog box without changing the snapshot directory access settings,
click Close.
Nasuni Management Console Guide 7.9
151
Volumes Page
Snapshot retention
Snapshot retention
You can view or change the snapshot retention setting of volumes.
A snapshot is a complete picture of the files and folders in your file system at a specific point in time.
Using snapshots, the Nasuni Filer can identify new or changed data. Snapshots offer data protection by
enabling you to recover a file deleted in error or to restore an entire file system. After a snapshot has
been taken and is sent to cloud storage, it is not possible to modify that snapshot.
For compliance purposes or your own best practices, you can specify to delete older snapshots from
cloud storage, based on a configured policy for a specific volume. Snapshot retention policies are
configured on the volume level. Snapshot retention policies also work on shared volumes.
Caution: For security purposes, when a snapshot is removed, it is permanently deleted
from cloud storage and cannot be recovered.
Note: As long as a file is included in any snapshot within your snapshot retention policy, that
file is not removed. However, if you delete a file, and none of the retained snapshots includes
that file, the file is removed.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing snapshot retention settings
To view the snapshot retention settings, follow these steps:
1. Click Snapshot Retention. The Volume Snapshot Retention page displays a list of volumes
on managed Nasuni Filers.
Figure 7-96: Volume Snapshot Retention page.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Filer: The Nasuni Filer that contains the volume.
•
Retention: The snapshot retention setting, such as the following:
•
All Snapshots: Retains all snapshots indefinitely.
•
[a set number of] snapshots: A specific number of snapshots to retain.
•
Snapshots within [a given time]: The number of Years, Months, or Days for which you
want to retain snapshots.
Nasuni Management Console Guide 7.9
152
Volumes Page
Snapshot retention
Editing snapshot retention settings
To edit snapshot retention settings, follow these steps:
1. On the Volume Snapshot Retention page, select the volumes in the list whose snapshot
retention settings you want to edit.
2. Click Edit Volumes. The Snapshot Retention dialog box appears.
Figure 7-97: Snapshot Retention dialog box.
3. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
4. From the Retain drop-down list, select a retention policy option:
•
All Snapshots: (Default) Retains all snapshots indefinitely. If you require deleting older
snapshots for compliance or other reasons, do not select this option.
•
Set Number of Snapshots: Enter the Number of snapshots to retain, from 1 to 1 billion
(1,000,000,000). For example, if you choose to keep 100 snapshots, then the 100 most
recent snapshots are retained, and the rest are deleted automatically.
Figure 7-98: Snapshot Retention by number.
•
Snapshots Within a Range: Enter the number of Years, Months, and Days for which you
want to retain snapshots. For example, if you choose to keep two months’ worth of
snapshots, then snapshots that were taken before then are deleted automatically.
Figure 7-99: Snapshot Retention by time.
5. Click Save Retention. The snapshot retention settings are changed. The volume appears in the
list on the Volume Snapshot Retention page.
Alternatively, to exit the dialog box without changing the settings, click Close.
Nasuni Management Console Guide 7.9
153
Volumes Page
Snapshot schedule
Snapshot schedule
You can view or change the snapshot schedule of volumes.
A snapshot is a complete picture of the files and folders in your file system at a specific point in time.
Using snapshots, the Nasuni Filer can identify new or changed data. Snapshots offer data protection by
enabling you to recover a file deleted in error or to restore an entire file system. After a snapshot has
been taken and is sent to cloud storage, it is not possible to modify that snapshot.
Note: To perform consistent point-in-time snapshots of iSCSI volumes on Windows systems,
you can use the Nasuni VSS Hardware Provider. For details, see “API Access Keys” on
page 310.
With snapshots, you can find, view, and restore past versions of your files quickly. You can restore a
single file, a directory, or an entire volume.
The Nasuni Filer captures complete snapshots of files at regular intervals and stores all snapshots in
cloud storage to protect your files. You can select which days of the week on which to perform
snapshots. You can also select at what time of day to start and stop creating snapshots. You can also
set the frequency for creating snapshots. If the volume does not have Remote Access enabled, your
choices are 1, 2, 4, 8, 12, or 24 hours between snapshots. If the volume does have Remote Access
enabled, your choices are 1, 5, 10, 15, 25, or 30 minutes, or 1, 2, 4, 8, 12, or 24 hours between
snapshots. For example, you can configure snapshots to not occur during the day and only push new
and changed data at night when network usage is low.
Warning: Frequent snapshots increase the system load significantly.
See “Quality of Service (Bandwidth) Settings” on page 216 to configure outbound bandwidth limits.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing snapshot schedules
To view the snapshot schedules, follow these steps:
1. Click Snapshot Schedule. The Volume Snapshot Schedule page displays a list of volumes on
managed Nasuni Filers.
Figure 7-100: Volume Snapshot Schedule page.
Nasuni Management Console Guide 7.9
154
Volumes Page
Snapshot schedule
2. Click the right-facing arrow beside each volume to reveal the snapshot schedule setting for
each Nasuni Filer for that volume. To reveal the settings for all volumes of all Nasuni Filers, click
Expand All. To collapse the display of the settings for all volumes of all Nasuni Filers, click
Collapse All.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Filer: The names or number of Nasuni Filers that access the volume.
•
Days: If snapshots are enabled, the days of the week on which snapshots are scheduled.
Otherwise, “Disabled”.
•
•
Time: If snapshots are enabled, the time during which snapshots are scheduled.
Otherwise, blank.
Frequency: If snapshots are enabled, the frequency of performing snapshots during the
scheduled time. Otherwise, “--”.
Nasuni Management Console Guide 7.9
155
Volumes Page
Snapshot schedule
Editing snapshot schedules
To edit snapshot schedules, follow these steps:
1. On the Volume Snapshot Schedule page, select the volume and Nasuni Filer combinations in
the list whose snapshot schedules you want to edit.
2. Click Edit Volumes. The Snapshot Schedule dialog box appears.
Figure 7-101: Snapshot Schedule dialog box.
3. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
4. To select or deselect all days for snapshots to occur, click Select/Deselect All.
5. Select the days for snapshots to occur (for example, Sunday, Wednesday, and Saturday).
6. To specify snapshots 24 hours a day, select the All Day check box.
7. If you do not select All Day, select the hour for snapshots to start from the Start drop-down list.
8. If you do not select All Day, select the hour for snapshots to stop from the Stop drop-down list.
9. Select the frequency for snapshots from the Frequency drop-down list. If the volume does not
have Remote Access enabled, your choices are 1, 2, 4, 8, 12, or 24 hours. If the volume does
have Remote Access enabled, your choices are 1, 5, 10, 15, 25, or 30 minutes, or 1, 2, 4, 8, 12,
or 24 hours.
Note: Volumes that do not have remote access enabled only have Frequency options of
hours, not minutes. For snapshots more frequent than 1 per hour, enable remote access
for the volume.
10. Click Save Schedule. The snapshot schedules are changed. The volume appears in the list on
the Volume Snapshot Schedule page.
Alternatively, to exit the dialog box without changing the snapshot schedules, click Close.
Nasuni Management Console Guide 7.9
156
Volumes Page
Sync Schedule
Sync Schedule
You can schedule when, and with what frequency, the selected volumes synchronize data (“syncs”)
from Nasuni, merging local data with any new or changed data from other Nasuni Filers connected to
the selected volumes. This helps to ensure that everyone in your organization is using the most current
data.
If you enable the “Auto Cache” option, data from other Nasuni Filers that are attached to the selected
volumes is brought into the local caches of the selected volumes immediately. Otherwise, data from
other Nasuni Filers that are attached to the selected volumes is brought into their local caches when
that data is accessed next.
Note: Because Auto Cache is not enabled by default, new data in the selected volumes
comes into their local caches only when requested. If you plan on enabling Auto Cache,
ensure that all of the following apply to your deployment:
•
All the Nasuni Filers in your organization have caches large enough to contain data from
the other Nasuni Filers.
•
All the data in the volume is relevant and appropriate for all other sites that access the
volume.
•
Network access at each site is not adversely affected by automatically moving large
quantities of data.
Auto Cache should not be used during the initial transfer of data into a Nasuni Filer or during
certain one-time operations, such as a bulk data load.
You can select which days of the week on which to sync data. You can also select at what time of day
to start and stop syncing data. You can set the frequency for syncing data to be every 1, 5, 10, 25, or
30 minutes, or every 1, 2, 4, 8, 12, or 24 hours for each volume. For example, you can configure syncs
to not occur during the day and only sync data at night when network usage is low.
Warning: Frequent syncs increase the system load significantly.
See “Quality of Service (Bandwidth) Settings” on page 216 to configure outbound bandwidth limits.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Nasuni Management Console Guide 7.9
157
Volumes Page
Sync Schedule
Scheduling Syncs
To schedule syncs, follow these steps:
1. Click Volumes, then select Sync Schedule from the menu in the left column. The Volume Sync
Schedule page displays a list of volumes on managed Nasuni Filers.
Figure 7-102: Volume Sync Schedule page.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Filer: The name or number of Nasuni Filers that contain the volume.
•
Schedule: If syncs are enabled, the days and times that syncs are scheduled. If syncs are
disabled, the label Disabled.
•
Frequency: If syncs are enabled, the frequency of syncs appears. If syncs are disabled, the
symbol “--” appears.
•
Auto Cache: Whether Auto Cache is allowed or disabled: Allowed or Disabled.
If Auto Cache is allowed, the Minimum File Size is displayed, if specified.
2. Select the volumes whose sync schedules you want to change.
Nasuni Management Console Guide 7.9
158
Volumes Page
Sync Schedule
3. Click Edit Volumes. The Sync Schedule dialog box appears.
Figure 7-103: Sync Schedule dialog box.
4. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
5. To select or deselect all days for syncs to occur, click Select/Deselect All.
6. Select the days for syncs to occur (for example, Sunday to Saturday).
7. To specify syncs all day, select the All Day check box.
Alternatively, select the time to start syncs from the Start drop-down list. Select the time to stop
syncs from the Stop drop-down list.
8. Select the frequency for syncs to occur from the Frequency drop-down list. Your choices are 1,
5, 10, 25, 30 minutes, or 1, 2, 4, 8, 12, or 24 hours.
9. To enable Auto Cache (automatically bringing data from other Nasuni Filers into the local cache
immediately), select the Auto Cache check box. Alternatively, to disable Auto Cache, clear the
Auto Cache check box.
Note: If Auto Cache is enabled and you disable Auto Cache, any process bringing data into
the cache continues until complete.
10. If Auto Cache is enabled, you can specify bringing only files greater than or equal to a specified
size into the cache automatically. Enter the minimum size (in whole numbers) in the Auto Cache
Minimum File Size text box, then select the correct units from the drop-down list.
Nasuni Management Console Guide 7.9
159
Volumes Page
Sync Schedule
11. Click Save Schedule. The sync schedule is changed for the selected volumes.
Alternatively, to exit the dialog box without changing the sync schedule settings, click Close.
Nasuni Management Console Guide 7.9
160
Volumes Page
Antivirus Service
Antivirus Service
You can view or change the Antivirus Service setting of volumes.
The Antivirus Service provides protection against viruses and other malware by scanning every new or
modified file. The entire file is scanned, not just the changed part. If a scanned file is infected, the
authorized administrator has the option to ignore the infection. Only virus-free files, or infected files that
the authorized administrator deliberately ignores, are allowed into cloud storage. The Nasuni Filer
updates antivirus definition files multiple times daily. The Antivirus Service scans container files (such
as .zip files) as large as 100 MB, and non-container files as large as 25 MB.
You can enable or disable antivirus protection at the volume level.
The Antivirus Service setting is inherited by connecting Nasuni Filers: a Nasuni Filer connected to a
volume with the Antivirus Service enabled also has the Antivirus Service enabled for that volume. In
such a case, there might be a brief time lag before the Nasuni Filer inherits the setting.
Note: The Antivirus Service is available for CIFS and NFS volumes and FTP/SFTP directories,
but not iSCSI volumes.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing Antivirus Service settings
To view the Antivirus Service settings, follow these steps:
1. Click Antivirus Service. The Volume Antivirus Service page displays a list of CIFS and NFS
volumes and FTP/SFTP directories on managed Nasuni Filers.
Figure 7-104: Volume Antivirus Service page.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Protocol: The protocol of the volume: CIFS, NFS, or FTP.
•
Filer: The Nasuni Filer that contains the volume.
•
Enabled: The Antivirus Service settings of the volume: Enabled (antivirus is operational) or
Disabled (antivirus is not operational).
•
Check Immediately (volumes on which the CIFS protocol has been enabled only):
Indicates whether the Antivirus Service should check files as they are written to the
Nasuni Filer, in addition to the specified Antivirus Service schedule.
Nasuni Management Console Guide 7.9
161
Volumes Page
Antivirus Service
•
Schedule: If Antivirus Service is enabled, the days of the week and the time during which to
perform Antivirus Service. If Antivirus Service is disabled, displays “--”.
•
Frequency: If Antivirus Service is enabled, the frequency of performing Antivirus Service
during the scheduled time. If Antivirus Service is disabled, displays “--”.
Editing Antivirus Service settings
To edit Antivirus Service settings, follow these steps:
1. On the Volume Antivirus Service page, select the volumes in the list whose Antivirus Service
settings you want to edit.
2. Click Edit Volumes. The Edit Antivirus Service dialog box appears.
Figure 7-105: Edit Antivirus Service dialog box.
3. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
4. To enable the Antivirus Service, select the Enabled setting to On. To disable the Antivirus
Service, select the Enabled setting to Off.
If you select On, then configure the Antivirus Service by performing these steps:
a. To select or deselect all days for Antivirus Service scanning to occur, click Select/Deselect
All.
b. Select the days for Antivirus Service scanning to occur (for example, Sunday to Saturday).
Nasuni Management Console Guide 7.9
162
Volumes Page
Antivirus Service
c. For volumes on which the CIFS protocol has been enabled only, to check files as they are
written to the Nasuni Filer, in addition to the specified Antivirus Service schedule, select the
Check files immediately check box. Otherwise, clear the Check files immediately check
box.
d. To specify scanning 24 hours a day, select the 24 Hours/Day check box.
Alternatively, select the hour for scanning to start from the Start drop-down list. Select the
hour for scanning to stop from the Stop drop-down list.
e. Select the frequency for Antivirus Service scanning to occur from the Frequency drop-down
list. If the volume does not have Remote Access enabled, your choices are 1, 2, 4, 8, 12, or
24 hours. If the volume does have Remote Access enabled, your choices are 1, 5, 10, 25, or
30 minutes, or 1, 2, 4, 8, 12, or 24 hours.
Note: Volumes that do not have Remote Access enabled only have Frequency
options of hours, not minutes. For Antivirus Service scanning more frequent than
every 1 hour, enable Remote Access for the volume.
Note: In addition to the specified scanning schedule, a scan is performed
automatically with every snapshot.
5. Click Save. The Antivirus Service settings are changed. The volume appears in the list on the
Volume Antivirus Service page.
Alternatively, to exit the dialog box without changing the Antivirus Service settings, click Close.
Nasuni Management Console Guide 7.9
163
Volumes Page
Antivirus Violations
Antivirus Violations
You can view or review the antivirus violations of volumes.
If the Antivirus Service finds any files infected with a virus or other malware, that information is
displayed. The authorized administrator must review each infected file before that file is allowed into
cloud storage.
Viewing antivirus violations
To view the antivirus violations, follow these steps:
1. Click Antivirus Violations. The Volume Antivirus Violations page displays a list of CIFS and
NFS volumes and FTP/SFTP directories on managed Nasuni Filers that have antivirus violations.
Figure 7-106: Volume Antivirus Violations page.
The following information appears for each volume in the list:
•
Volume: The name of the volume.
•
Filer: The Nasuni Filer that contains the volume.
•
Filepath: The path to the file with the antivirus violation.
•
Virus Name: The virus that was detected.
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details.
On this screen, the following field names are available:
•
volume: Matches values in the Volume field.
•
filer: Matches values in the Filer field.
•
filepath: Matches values in the Filepath field.
•
virus: Matches values in the Virus Name field.
Nasuni Management Console Guide 7.9
164
Volumes Page
Antivirus Violations
Reviewing antivirus violations
To review antivirus violations, follow these steps:
1. On the Antivirus Violations page, select the volumes in the list whose antivirus violations you
want to edit.
2. For each file in the list, click either Ignore or Delete
.
To ignore a detected infection and permit the infected file to enter cloud storage, click Ignore.
The Ignore Infected File dialog box appears. Click Ignore Infected Files. The infected file is
permitted to enter cloud storage.
Note: The Nasuni Management Console records the name of the authorized
administrator who authorizes ignoring the infected file.
Alternatively, to delete the infected file and prevent the infected file from entering cloud storage,
click Delete
. The Delete Infected File dialog box appears. Click Delete Infected Files.
The infected file is deleted.
Nasuni Management Console Guide 7.9
165
Volumes Page
File System Auditing
File System Auditing
Take
You can configure extensive file system auditing and logging of operations for volumes.
Note: It is possible that occasionally a specified operation might not be audited and logged,
such as when a Nasuni Filer reboots or restarts. Also, if events occur faster than the auditing,
a “Lost Events” entry is made in the log file.
Tip: Log files take up space. To reduce the amount of space necessary for log files, you can:
limit the number of event categories to audit, limit which volumes to audit, use filters to
reduce the directories or files to audit, and limit the log file retention period.
To configure file system auditing for a volume, follow these steps:
1. Click Volumes, then click Auditing. The Volume Auditing Settings page appears.
Figure 7-107: Volume Auditing Settings page.
A list of volumes appears. Each volume is on a Nasuni Filer that has the file system auditing
feature.
2. Click the right-facing arrow beside each volume to reveal the file system auditing setting for
each Nasuni Filer for that volume. To reveal the settings for all volumes of all Nasuni Filers, click
Expand All. To collapse the display of the settings for all volumes of all Nasuni Filers, click
Collapse All.
The following information appears for each volume and Nasuni Filer combination in the list:
•
Name: The name of the volume.
•
Filer: The names or number of Nasuni Filers that access the volume.
•
Protocol: The protocol of the volume: CIFS, NFS, or FTP.
•
Enabled: The auditing setting of the volume: Yes (auditing enabled) or No (auditing not
enabled).
•
Write Audit Logs: Whether writing audit logs is enabled: Yes (writing audit logs is enabled)
or No (writing audit logs is not enabled).
Nasuni Management Console Guide 7.9
166
Volumes Page
File System Auditing
3. To change the settings for file auditing, on the Volume Auditing Settings page, select the
volumes in the list whose file system auditing setting you want to edit, then click Edit Volumes.
The Edit Volume Auditing Settings dialog box appears.
Figure 7-108: Top portion of Edit Volume Auditing Settings dialog box.
4. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
5. To enable file system auditing for this volume, select Auditing Enabled.
Nasuni Management Console Guide 7.9
167
Volumes Page
File System Auditing
6. In the Event Types area, select the operations to include in file system auditing, from these
choices:
•
Create: Operations that create files, directories, or links.
•
Delete: Operations that delete files or directories.
•
Rename: Operations that rename files or directories.
•
Close: Operations that close files.
•
Security: Changes to file or directory ownership or permission.
•
Metadata: Changes to update time and extended attributes.
•
Write: Operations that write or truncate files.
•
Read: Operations that read files or directories.
Note: Some event types generate a greater load and result in greater traffic.
7. In the Audit Logs area, to write audit logs, select Write Audit Logs.
Important: If you do not select Write Audit Logs, log files are not written.
8. To delete log files older than a specified number of days, select Prune Audit Logs and enter a
number greater than zero in Days to Keep. If Prune Audit Logs is not selected, or if Days to
Keep is zero, audit logs are not deleted.
9. If Write Audit Logs is selected, the Filtering area is available.
Figure 7-109: Bottom portion of Edit Volume Auditing Settings dialog box.
Nasuni Management Console Guide 7.9
168
Volumes Page
File System Auditing
10. In the Filtering area, to audit operations only for specified directories or files, select Exclude by
Default and enter the specific directories or files to include in the Include Patterns text box.
Separate the patterns with a comma or by placing a pattern on a new line. You can use glob
syntax wildcards when you specify each pattern, such as the following:
Wildcard
Meaning
Example
*
Matches any number of
any character.
*.mp3
means any file name that ends with “mp3”.
?
Matches any one
character.
test.mp?
means file names like “test.mp3” or “test.mp4”.
[sequence]
Matches any character
in the specified
sequence.
[A-Z]*.mp3
means file names that start with an upper-case
letter.
[!sequence]
Matches any character
NOT in the specified
sequence.
[!A-Z]*.mp3
means file names that do not start with an uppercase letter.
11. To audit operations for directories or files in the Include Patterns text box, even if those
directories or files are logically part of the entries in the Exclude Patterns text box, select
Include List Takes Priority.
12. To exclude specified directories or files from audit operations, such as *.tmp files, enter the
specific directories or files to exclude in the Exclude Patterns text box. Separate the patterns
with a comma or by placing a pattern on a new line. You can use glob syntax wildcards when
you specify each pattern, as described in step 10.
13. Click Save.
The specified operations for the specified directories and files are audited and written in log files for
later use.
Nasuni Management Console Guide 7.9
169
Volumes Page
File System Auditing
Log file location and format
Log files are written to the .nasuni\audit\<filerdescription>\<yyyymmdd> directory, where
filerdescription is the description of the Nasuni Filer and yyyymmdd is the date of the log file.
Note: If this is a shared volume, entries from multiple Nasuni Filers may appear in the same
<filerdescription> directory.
Log file names are in the format audit-<timestamp>.csv, where timestamp is the GMT time of the
log file. A sample log file name is audit-10-07-57-494069.csv.
Note: You cannot access the log files from the Nasuni Management Console or from the
Nasuni Filer. You must mount the volume and access the appropriate directory.
Each line of the log file is a record for a single audited operation. Each record includes the following
information, if available:
•
Timestamp (UTC) of the audited operation in the format 10/27/2013 11:31:49 PM.
•
Category of the operation, from the Event Types above.
•
Event type as a subtype of the category, such as the following:
•
Create: Create Directory or Create File.
•
Delete: Delete Directory or Delete File.
•
Read: Read Directory or Read File.
•
Security: Change Owner, Change Permissions, Set ACL, or Set DOS Attribute.
•
Write: Truncate File or Write to File.
•
Path/from of the item.
•
New path/to of the item (if appropriate).
•
User of the item (if appropriate).
•
Group of the user (if appropriate).
•
SID (for Active Directory) of the CIFS item (if appropriate).
•
Share name for the item (for CIFS volumes only, if appropriate).
•
Volume type of the item: CIFS, NFS, FTP, or Internal. Internal refers to events that are
generated by internal processes that don’t use the external protocols.
•
Client IP address that caused the event (for CIFS volumes only, if appropriate).
•
Snapshot timestamp (UTC), if event occurred on an item in a snapshot, in the format 10/27/
2013 11:31:49 PM.
Here is a sample log file record:
2013-09-19 22:48:39.697221,Read,Read Directory,/.snapshot,,FOREST1\
jjones,FOREST1\domain users,S-1-5-21-4239937795-3974351056921346076-1113,files,CIFS,10.10.10.10,
Nasuni Management Console Guide 7.9
170
Volumes Page
File System Auditing
Each log file contains at most 100,000 records. For additional records, a new log file is created.
Note: It is possible that occasionally a specified operation might not be audited and logged,
such as when a Nasuni Filer reboots or restarts. Also, if events occur faster than the auditing,
a “Lost Events” entry is made in the log file.
Nasuni Management Console Guide 7.9
171
Volumes Page
File Alert Service
File Alert Service
You can view or change the File Alert Service setting of volumes.
The File Alert Service triggers an alert (no more than one per day) in the notifications system when files
and directories whose names match patterns you specify are written to the Nasuni Filer. This can be
valuable in tracking certain special files for compliance purposes, such as files or directories whose
names contain text like “HIPAA”.
You can use wildcards when you specify each pattern. For example, if you specify this pattern:
*.mp3
You receive an alert (no more than one per day) when any files whose names end in .mp3 are written to
the Nasuni Filer. You can also view the file alert logs in the .snapshot directory.
If you have configured email settings, you receive an email (no more than one per day) when names of
files or directories match one of the patterns.
Note: If a match is detected, you receive no more than one alert per day. The alert contains
the path to a complete log file containing all detected matches.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing File Alert Service settings
To view the File Alert Service settings, follow these steps:
1. Click File Alert Service. The Volume File Alert Service page displays a list of volumes on
managed Nasuni Filers.
Figure 7-110: Volume File Alert Service page.
2. Click the right-facing arrow beside each volume to reveal the File Alert Service setting for each
Nasuni Filer for that volume. To reveal the settings for all volumes of all Nasuni Filers, click
Expand All. To collapse the display of the settings for all volumes of all Nasuni Filers, click
Collapse All.
The following information appears for each volume in the list:
•
Name: The name of the volume.
•
Filer: The names or number of Nasuni Filers that access the volume.
•
Enabled: The File Alert Service setting: Enabled (File Alert Service running) or Disabled (File
Alert Service not running).
•
File/Directory Patterns: The specific patterns of file names or directory names that the File
Alert Service is looking for.
Nasuni Management Console Guide 7.9
172
Volumes Page
File Alert Service
Editing File Alert Service settings
To edit File Alert Service settings, follow these steps:
1. On the Volume File Alert Service page, select the volume and Nasuni Filer combinations in the
list whose File Alert Service settings you want to edit.
2. Click Edit Volumes. The Edit File Alert Service dialog box appears.
Figure 7-111: Edit File Alert Service dialog box.
3. To copy settings from another volume, select the volume from the Copy Settings drop-down
list. The settings from that volume appear in the dialog box.
4. To enable the File Alert Service, select the Enabled setting to On. To disable the File Alert
Service, select the Enabled setting to Off.
5. If the File Alert Service is enabled, enter name patterns in the File/Directory Patterns text box.
Enter one name pattern per line. You can use wildcards when you specify each pattern:
Wildcard
Meaning
Example
*
Matching any number of
any character.
*.mp3
means any file name that ends with “mp3”.
?
Matching any one
character.
test.mp?
means file names like “test.mp3” or “test.mp4”.
[sequence]
Matching any character
in the specified
sequence.
[A-Z]*.mp3
means file names that start with an upper-case
letter.
[!sequence]
Matching any character
not in the specified
sequence.
[!A-Z]*.mp3
means file names that do not start with an uppercase letter.
Nasuni Management Console Guide 7.9
173
Volumes Page
File Alert Service
6. Click Save. The File Alert Service settings are changed. The volume appears in the list on the
Volume File Alert Service page.
Alternatively, to exit the dialog box without changing the File Alert Service settings, click Close.
Nasuni Management Console Guide 7.9
174
Chapter 8: Filers Page
On the Filers page, you can view managed Nasuni Filers. You can also perform the following actions:
•
Set API access keys.
•
Schedule automatic software updates.
•
Configure cache settings.
•
Central configuration settings.
•
Change CIFS and FTP/SFTP settings.
•
Change the description of managed Nasuni Filers.
•
Configure full disk encryption for disks that have this feature available.
•
Configure email settings.
•
Manage encryption keys for managed Nasuni Filers.
•
Configure global file locking.
•
Schedule of Quality of Service (inbound and outbound bandwidth).
•
Schedule when to send quota reports.
•
Configure SNMP settings.
•
Configure time servers.
•
Configure Web Access branding.
•
Manage data migrations to managed Nasuni Filers.
•
Manage mobile access to data.
•
Refresh the Nasuni Filer license.
•
Configure remote support settings.
•
Send diagnostic information to Nasuni.
•
Manage Side Load processing.
•
View the status of jobs to move data into the cache.
•
Review the status of CIFS shares, shared links, FTP/SFTP directories, and iSCSI volumes on
managed Nasuni Filers.
•
File heuristics for all Nasuni Filers or selected Nasuni Filers.
•
Review pending updates to Nasuni Filers.
•
Review the platform settings and status of managed Nasuni Filers.
•
Apply software updates to managed Nasuni Filers.
Nasuni Management Console Guide 7.9
175
Filers Page
Filers page
•
Review security settings and network settings for managed Nasuni Filers.
•
Shut down and reboot managed Nasuni Filers.
•
Review SSL certificates for managed Nasuni Filers.
Filers page
Click Filers. The Filers page displays a dashboard of Nasuni Filer information and a list of all Nasuni
Filers in the account.
Figure 8-1: Filers page.
Filers Managed
In the Filers Managed area, the following information appears:
•
Total number of Nasuni Filers managed in the account.
•
Total number of unmanaged Nasuni Filers in the account.
Note: If configured, an email notification is sent when a new Nasuni Filer is deployed,
whether the new Nasuni Filer is managed or unmanaged.
Nasuni Management Console Guide 7.9
176
Filers Page
Filers page
•
Number of Nasuni Filers that have Remote Support enabled. Clicking Enabled Remote
Support opens the Remote Support Service page. For details, see “Remote Support Service”
on page 246.
•
Number of Nasuni Filers that have active Remote Support connections in progress. Clicking
Active Support Session opens the Remote Support Service page. For details, see “Remote
Support Service” on page 246.
Connected Clients
In the Connected Clients area, the following information appears:
•
Total number of connected clients, including CIFS clients, iSCSI initiators, and Mobile Access
clients.
•
Number of CIFS clients. Clicking CIFS Clients opens the Filer CIFS Clients page. For details,
see “CIFS Clients” on page 254.
•
Number of iSCSI initiators. Clicking iSCSI Initiators opens the Filer iSCSI Status page. For
details, see “iSCSI status” on page 262.
•
Number of Mobile Access clients, including iOS and Android clients. Clicking iOS or Android
opens the Mobile Licenses page. For details, see “Mobile Licenses” on page 243.
Migrations
In the Migrations area, the following information appears:
•
Total number of running migrations.
•
Number of completed migrations. Clicking Completed opens the Data Migrations page. For
details, see “Migrations” on page 236.
•
Number of scheduled migrations. Clicking Scheduled opens the Data Migration Schedules
page. For details, see “Migration Schedules” on page 239.
•
Number of failed migrations. Clicking Failed opens the Data Migrations page. For details, see
“Migrations” on page 236.
Filer Health
In the Filer Health area, the following information appears:
•
Number of Nasuni Filer updates available. Clicking Filer updates opens the Filer Software
Updates page. For details, see “Software Updates” on page 278.
•
Number of Nasuni Filers offline.
Note: If a Nasuni Filer goes offline, an email alert is sent, if configured.
•
Number of hardware errors. Clicking hardware error opens the Filer Platform/Hardware
Settings page. For details, see “Platform Settings” on page 267.
Nasuni Management Console Guide 7.9
177
Filers Page
•
Filers page
Number of setting sync errors, namely, requested changes to Nasuni Filers that have failed for
some reason. Clicking setting sync error opens the Outstanding Settings Updates Filers
page. For details, see “Pending Updates” on page 266.
Network Traffic
You can view a chart of the network traffic of the Nasuni Filers vs. time. This chart shows data received
from and transmitted to cloud storage, Mobile Access clients, the user interface, clients, and
migrations. The scale is in Kbits/second or Mbits/second, depending on throughput.
The Network Traffic chart looks like this:
Figure 8-2: Network Traffic chart.
Different colors represent types of network traffic. From the drop-down list, select one of the following
choices:
•
All Filers: Displays network traffic for all Nasuni Filers under the control of the Nasuni
Management Console.
•
specific Nasuni Filer: Displays network traffic for the selected Nasuni Filer.
On the Network Traffic chart, you can select which network activity to include or exclude by clicking
any or all of the following:
•
Cloud Transmit: for data transmitted to the cloud by the Nasuni Filer.
•
Cloud Receive: for data received from the cloud by the Nasuni Filer.
•
Mobile Transmit: for data transmitted to mobile devices by the Nasuni Filer.
•
Mobile Receive: for data received from mobile devices by the Nasuni Filer.
•
UI Transmit: for data transmitted to the user interface by the Nasuni Filer.
•
UI Receive: for data received from the user interface by the Nasuni Filer.
•
Client Transmit: for data transmitted to the client by the Nasuni Filer.
•
Client Receive: for data received from the client by the Nasuni Filer.
•
Migration Transmit: for data transmitted to a data migration by the Nasuni Filer.
•
Migration Receive: for data received from a data migration by the Nasuni Filer.
Nasuni Management Console Guide 7.9
178
Filers Page
Filers page
If you hover the mouse over any part of the chart, a label appears displaying details about the amount
of network activity at that date and time.
Figure 8-3: Details of network traffic on Network Traffic chart.
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
Mobile Usage
You can view a chart of Mobile Access usage vs. time. This chart shows the number of iOS and
Android users.
The Mobile Usage chart looks like this:
Figure 8-4: Mobile Usage chart.
Different colors represent types Mobile Access clients. From the drop-down list, select one of the
following choices:
•
All Filers: Displays Mobile Access usage for all Nasuni Filers under the control of the Nasuni
Management Console.
•
specific Nasuni Filer: Displays Mobile Access usage for the selected Nasuni Filer.
On the Mobile Usage chart, you can select which Mobile Access clients to include or exclude by
clicking iOS or Android.
If you hover the mouse over any part of the chart, a label appears displaying details about the number
of Mobile Access clients at that date and time.
Figure 8-5: Details of Mobile Access clients on Mobile Usage chart.
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
Nasuni Management Console Guide 7.9
179
Filers Page
Filers page
Account Filers
Tip: After performing a disaster recovery on a Nasuni Filer, refresh this list by clicking
Refresh Managed Filers.
The following properties appear for each Nasuni Filer in the list of Nasuni Filers:
•
Filer: The name of the Nasuni Filer.
If the Nasuni Filer is offline, the label “Filer Offline” appears.
If the Nasuni Filer is not managed by the Nasuni Management Console, the label “Filer Not
Managed” appears.
Clicking the name of the Nasuni Filer opens the Filer Details page. See “Filer Details page” on
page 181.
Note: If a Nasuni Filer goes offline, an email alert is sent, if configured.
•
Filer Version: The currently running version of the Nasuni Filer software. If updates to new
versions of the Nasuni Filer software are available, the label “Updates Available” appears. To
schedule automatic updates, see “Automatic Software Updates”. manually update software,
see “Software Updates”.
•
Platform: The hardware appliance or virtual machine platform that the Nasuni Filer runs on.
•
Uptime: The amount of time that the Nasuni Filer has been running, in days, hours, and
minutes.
Nasuni Management Console Guide 7.9
180
Filers Page
Filers page
Filer Details page
Clicking the name of a Nasuni Filer opens the Filer Details page.
Figure 8-6: Filer Details page.
Nasuni Management Console Guide 7.9
181
Filers Page
Filers page
Network Traffic
You can view a chart of the network traffic of the Nasuni Filers vs. time. This chart shows data received
from and transmitted to cloud storage, Mobile Access clients, the user interface, clients, and
migrations. The scale is in Kbits/second or Mbits/second, depending on throughput.
On the Network Traffic chart, you can select which network activity to include or exclude by clicking
any or all of the following:
•
Cloud Transmit: for data transmitted to the cloud by the Nasuni Filer.
•
Cloud Receive: for data received from the cloud by the Nasuni Filer.
•
Mobile Transmit: for data transmitted to mobile devices by the Nasuni Filer.
•
Mobile Receive: for data received from mobile devices by the Nasuni Filer.
•
UI Transmit: for data transmitted to the user interface by the Nasuni Filer.
•
UI Receive: for data received from the user interface by the Nasuni Filer.
•
Client Transmit: for data transmitted to the client by the Nasuni Filer.
•
Client Receive: for data received from the client by the Nasuni Filer.
•
Migration Transmit: for data transmitted to a data migration by the Nasuni Filer.
•
Migration Receive: for data received from a data migration by the Nasuni Filer.
If you hover the mouse over any part of the chart, a label appears displaying details about the amount
of network activity at that date and time.
Figure 8-7: Details of network traffic on Network Traffic chart.
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
Mobile Usage
You can view a chart of Mobile Access usage vs. time. This chart shows the number of iOS and
Android users.
On the Mobile Usage chart, you can select which Mobile Access clients to include or exclude by
clicking iOS or Android.
If you hover the mouse over any part of the chart, a label appears displaying details about the number
of Mobile Access clients at that date and time.
Figure 8-8: Details of Mobile Access clients on Mobile Usage chart.
Nasuni Management Console Guide 7.9
182
Filers Page
Filers page
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
CPU Activity
You can view a chart of CPU activity vs. time. This chart shows the percentage usage of the CPU.
If you hover the mouse over any part of the chart, a label appears displaying details about the CPU
activity at that date and time.
Figure 8-9: Details on CPU activity chart.
Memory Usage
You can view a chart of memory usage vs. time. This chart shows the amount of memory used in units
such as GiB.
If you hover the mouse over any part of the chart, a label appears displaying details about the memory
usage at that date and time.
Figure 8-10: Details on Memory Usage chart.
The Filer Details page displays a summary of information about the Nasuni Filer:
•
In the Settings area:
•
Description: Description of this Nasuni Filer. Clicking the description opens the Filer
Description page, with the Description Settings dialog box selected. For details, see
“Nasuni Filer Description” on page 203.
•
Serial Number: Serial number of this Nasuni Filer, which is used to recover a Nasuni Filer.
•
Automatic Updates: The schedule to automatically update the software for this Nasuni
Filer. Clicking the schedule opens the Filer Automatic Software Update Settings page,
with the Automatic Updates dialog box selected. For details, see “Automatic Software
Updates” on page 188.
•
Cache Settings: The minimum and maximum amount of local cache space reserved for
new, incoming data on this Nasuni Filer. The percentage of the cache to reserve for new,
incoming data also appears, or, if the percentage is managed automatically, the label
“Automatic” appears. Clicking the setting opens the Filer Cache Settings page, with the
Cache Settings dialog box selected. For details, see “Cache Settings” on page 190.
•
Encryption Keys: Number of encryption keys in use on this Nasuni Filer. Clicking this
setting opens the Filer Encryption Keys page. For details, see “Encryption Keys” on
page 208.
Nasuni Management Console Guide 7.9
183
Filers Page
•
•
Filers page
•
Quality of Service: Number of Quality of Service rules for this Nasuni Filer. Clicking this
setting opens the Filer Quality of Service page, with the Quality of Service Settings dialog
box selected. For details, see “Quality of Service (Bandwidth) Settings” on page 216.
•
SNMP Settings: An indicator of whether SNMP settings are enabled for this Nasuni Filer.
Clicking this setting opens the Filer SNMP Settings page, with the SNMP Settings dialog
box selected. For details, see “SNMP Settings” on page 228.
•
Time Configuration: The time zone and number of time servers for this Nasuni Filer.
Clicking this setting opens the Filer Time Configuration page, with the Timezone Settings
dialog box selected. For details, see “Time Configuration” on page 232.
In the Services area:
•
Migrations: The number of completed and running migrations for this Nasuni Filer. Clicking
this setting opens the Data Migrations page. For details, see “Migrations” on page 236.
•
Migration Sources: Number of migration sources for this Nasuni Filer. Clicking this setting
opens the Data Migration Sources page. For details, see “Migration Sources” on
page 238.
•
Migration Schedules: Number of migration schedules for this Nasuni Filer. Clicking this
setting opens the Data Migration Schedules page. For details, see “Migration Schedules”
on page 239.
•
Mobile Settings: Mobile Access settings for this Nasuni Filer, including expiration, single
device setting, and allowed devices. Clicking this setting opens the Mobile Service
Settings page, with the Edit Mobile Service Settings dialog box selected. For details, see
“Mobile Settings” on page 240.
•
Mobile Licenses: Mobile licenses for this Nasuni Filer. Clicking this setting opens the
Mobile Licenses page. For details, see “Mobile Licenses” on page 243.
•
Remote Support: Remote Support status for this Nasuni Filer. Clicking this setting opens
the Remote Support Service page, with the Edit Remote Support Service dialog box
selected. For details, see “Remote Support Service” on page 246.
In the Status area:
•
Software updates: Software updates available for this Nasuni Filer. Clicking this setting
opens the Filer Software Updates page, with the Update Filer dialog box selected. For
details, see “Software Updates” on page 278.
•
Uptime: Uptime for this Nasuni Filer.
•
Security Mode: Security mode for this Nasuni Filer: Active Directory, LDAP Directory
Services, Publicly Available, or Unknown. Clicking this setting opens the Filer Security
Settings page. For details, see “Security Settings” on page 271.
•
SSL Certificate: SSL certificate settings for this Nasuni Filer. Clicking this setting opens the
SSL Certificates page. For details, see “SSL Certificates” on page 282.
•
CIFS: Number of CIFS shares, clients, and locks for this Nasuni Filer. Clicking this setting
opens the Shares page. For details, see “Shares” on page 110.
•
NFS: Number of NFS exports for this Nasuni Filer. Clicking this setting opens the Exports
page. For details, see “Exports” on page 91.
Nasuni Management Console Guide 7.9
184
Filers Page
•
•
Filers page
•
FTP: Number of FTP/SFTP directories for this Nasuni Filer. Clicking this setting opens the
Filer FTP Status page. For details, see “FTP clients” on page 258.
•
iSCSI: Number of iSCSI targets and clients for this Nasuni Filer. Clicking this setting opens
the Filer iSCSI Status page. For details, see “iSCSI status” on page 262.
In the Platform area:
•
Filer Version: The version of the Nasuni Filer software, such as 7.5, and the version of the
Nasuni Filer base operating system, such as OS7.
•
Platform: Type of platform for this Nasuni Filer. For details, see “Platform Settings” on
page 267.
•
CPUs: Number of CPUs for this Nasuni Filer. For details, see “Platform Settings” on
page 267.
•
Memory: Memory for this Nasuni Filer. For details, see “Platform Settings” on page 267.
•
Disk Cache: Size of disk cache, and percentage of cache used, for this Nasuni Filer. For
details, see “Platform Settings” on page 267.
•
Ambient Temperature (for Nasuni Filer hardware appliances only): The ambient
temperature in Celsius and Fahrenheit.
•
Exhaust Temperature (for Nasuni Filer hardware appliances only): The exhaust temperature
in Celsius and Fahrenheit.
•
Inlet Temperature (for Nasuni Filer hardware appliances only): The inlet temperature in
Celsius and Fahrenheit.
•
Power Supplies (for Nasuni Filer hardware appliances only): The status of the power
supplies. If the status is Alert, you should investigate the situation.
•
RAID Arrays (for Nasuni Filer hardware appliances only): Number of RAID arrays and status
of the RAID arrays. If the status is Alert, you should investigate the situation.
•
RAID Disks (for Nasuni Filer hardware appliances only): Number of disks and status of the
disks. If the status is Alert, you should investigate the situation.
In the Network area:
•
Hostname: Hostname of this Nasuni Filer. For details, see “Network” on page 263.
•
IP Addresses: IP addresses for this Nasuni Filer. Clicking this setting opens the Nasuni Filer
user interface. For details, see “Network” on page 263.
Note: High-availability hardware appliance Nasuni Filers have two IP addresses.
•
Default Gateway: Default gateway for this Nasuni Filer. For details, see “Network” on
page 263.
•
DNS Servers: DNS servers for this Nasuni Filer. For details, see “Network” on page 263.
•
Search Domains: Search domains for this Nasuni Filer. For details, see “Network” on
page 263.
Nasuni Management Console Guide 7.9
185
Filers Page
API Keys
API Keys
The Nasuni VSS Hardware Provider supports creating shadow copies of iSCSI volumes for third-party
Windows applications. This provider provides a fast, consistent method to take snapshots of iSCSI
volumes on the Nasuni Filer. For more details, see Using the Nasuni VSS Hardware Provider, available
at www.nasuni.com/support/documentation.
This consists of two pieces:
•
Nasuni Provider: This is a service that runs on a Windows Server machine (including Windows
Server 2003, Windows Server 2008, and Windows Server 2012). This service initiates shadow
copies for iSCSI volumes on a registered Nasuni Filer. The provider communicates with the
Nasuni Filer over HTTPS. Registering the Nasuni Filer with the provider requires the Nasuni
Filer IP address, an API key name, and a key passcode.
•
Nasuni Filer API Access Keys: On the Nasuni Filer or Nasuni Management Console user
interfaces, the administrator needs to create a Key Name and generate a Key Passcode.
To obtain an API Access Key and Passcode, follow these steps:
1. Click Filers and select API Keys from the menu on the left. The Filer API Access Key Settings
page appears.
Figure 8-11: Filer API Access Key Settings page.
2. Click New API Key. The Add API Access Key dialog box appears.
Figure 8-12: Add API Access Key dialog box.
3. From the Filer drop-down list, select the Nasuni Filer with the iSCSI volume.
4. In the Name text box, enter a name for this API key. Use a name that is meaningful to you, such
as “vsskey”.
5. Click Add API Key. The Nasuni Filer generates a Key Passcode for this key. A message appears
that includes the Key Passcode.
6. Copy and store the Key Passcode.
Nasuni Management Console Guide 7.9
186
Filers Page
API Keys
7. The new key appears in the API Access Keys list.
8. To regenerate the Key Passcode, click Edit
9. To delete this key, click Delete Key
.
.
Note: If you update or delete a key, and then add another key, you must re-do the
Configuring Nasuni VSS Hardware Provider procedure.
Nasuni Management Console Guide 7.9
187
Filers Page
Automatic Software Updates
Automatic Software Updates
You can view and edit settings for automatic software updates for the Nasuni Filers on the Filer
Automatic Software Update Settings page.
You can configure managed Nasuni Filers to automatically download and install software updates on
selected days and times. This feature is disabled by default.
Tip: To prevent automatic software updates from occurring at inconvenient times, specify
the days and times for automatic software updates to occur. To prevent automatic software
updates entirely, clear all days and times.
You can also manually update the Nasuni Filer software, as detailed in “Software Updates” on
page 278.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing automatic software update settings
To view automatic software update settings, follow these steps:
1. Click Filers, then click Automatic Updates in the left-hand column. The Filer Automatic
Software Update Settings page displays a list of Nasuni Filers.
Figure 8-13: Filer Automatic Software Update Settings page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
Days: The days of the week on which to look for automatic software updates. If no days are
selected to look for automatic software updates, the label “Disabled” appears.
•
Hour: The time at which to look for automatic software updates on the selected days.
Nasuni Management Console Guide 7.9
188
Filers Page
Automatic Software Updates
Editing automatic software update settings
Tip: If a Nasuni Filer is joined to a Nasuni Management Console, update the Nasuni
Management Console software before updating the Nasuni Filer software.
To edit automatic software update settings, follow these steps:
1. On the Filer Automatic Software Update Settings page, select the Nasuni Filers in the list
whose automatic software update settings you want to edit.
2. Click Edit Filers. The Automatic Updates dialog box appears.
Figure 8-14: Automatic Updates dialog box.
3. To copy the automatic software update settings from a Nasuni Filer, select the Nasuni Filer from
the Copy Settings drop-down list. The automatic software update settings of the selected
Nasuni Filer appear in the Automatic Updates dialog box.
4. Select the days to look for automatic software updates (for example, Sunday, Tuesday, and
Thursday) in the Days area.
Tip: To prevent automatic software updates entirely, clear all days.
5. From the Time drop-down list, select the time on the selected day to look for automatic
software updates.
6. Click Save Update Schedule. The automatic software update settings are changed. The
Nasuni Filers appear in the list on the Filer Automatic Software Update Settings page.
Alternatively, to exit the dialog box without changing the automatic software update settings,
click Close.
Nasuni Management Console Guide 7.9
189
Filers Page
Cache Settings
Cache Settings
On the Filer Cache Settings page, you can view and edit the settings for the local cache space
reserved for new writes.
The cache performs two different, but related, tasks. First, the cache retains the data that users are
most likely to need. Second, the cache also temporarily contains new, incoming data that the Nasuni
Filer has not yet sent to permanent storage in the cloud.
By default, the Nasuni Filer automatically manages the amount of local cache space reserved for new,
incoming data, using an advanced algorithm to optimize cache usage. However, the administrator can
manually set the area of the cache reserved for new, incoming data. The area for new, incoming data
can be from 5 percent to 90 percent of the cache. The remainder of the cache retains the data locally
that users are most likely to need.
The larger the area for new, incoming data is, the less data the Nasuni Filer can retain locally, and the
more slowly users can access data. It might also be necessary for the Nasuni Filer to frequently retrieve
data from the cloud, which could delay access.
However, the larger the area for new, incoming data is, the larger the batches of new, incoming data
that the Nasuni Filer can send to permanent storage in the cloud, protecting that data from loss.
You can estimate the area necessary for each use by examining data usage patterns. For example, if
you have a 1 TB cache and must keep 200 GB of data locally, then you can set the area for new,
incoming data as high as 80 percent. On the other hand, if you rarely have more than 300 GB in a
snapshot, then you can set the area for new, incoming data as low as 30 percent, leaving 70 percent of
the cache for retaining data locally.
By setting the amount of local cache space reserved for new, incoming data, you disable the automatic
management of this value.
Important: The Data Migration Service uses the cache. To ensure that the Data Migration
Service has enough space, set Cache Settings to 30 percent or greater.
To view unprotected files in the cache, see “Unprotected Files” on page 89.
Nasuni Management Console Guide 7.9
190
Filers Page
Cache Settings
Viewing cache settings
To view the amount of local cache space reserved for new, incoming data, follow these steps:
1. Click Filers, then click Cache Settings in the left-hand column. The Filer Cache Settings page
displays a list of managed Nasuni Filers.
Figure 8-15: Filer Cache Settings page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
Minimum Value: The minimum value of space to reserve for new, incoming data, in percent.
•
Maximum Value: The maximum value of space to reserve for new, incoming data, in
percent.
•
Reserved: The amount of space reserved for new, incoming data in the cache, in percent. If
the amount of space reserved for new, incoming data is managed automatically by the
Nasuni Filer, the label “Automatic” appears.
Nasuni Management Console Guide 7.9
191
Filers Page
Cache Settings
Editing cache settings
To edit cache settings, follow these steps:
1. On the Filer Cache Settings page, select the Nasuni Filers in the list whose cache settings you
want to edit.
2. Click Edit Filers. The Cache Settings dialog box appears.
Figure 8-16: Cache Settings dialog box.
3. To copy the cache settings from a Nasuni Filer, select the Nasuni Filer from the Copy Settings
drop-down list. The cache settings of the selected Nasuni Filer appear in the Cache Settings
dialog box.
4. From the Reserved drop-down list, select the percentage of the cache to reserve for new data.
Alternatively, to enable the Nasuni Filers to manage the reserved cache space themselves,
select Automatic.
5. Click Save Cache Settings. The cache settings are changed. The Nasuni Filers appear in the
list on the Filer Cache Settings page.
Alternatively, to exit the dialog box without changing the cache settings, click Close.
Nasuni Management Console Guide 7.9
192
Filers Page
Central Configuration Policies
Central Configuration Policies
It is often expedient to define certain configuration policies for entire groups of users. These are called
Central Configuration Policies. For a specified group or groups, you can define the following
parameters:
•
Sync path: The path to the shared folder on the Nasuni Filer.
•
Bandwidth Limit: The inbound and outbound bandwidth limit for moving data to and from the
Nasuni Filer.
Note: Central Configuration Policies are only for Active Directory users and groups.
Creating Central Configuration Policies
To create Central Configuration Policies, follow these steps:
1. Click Filers, then click Central Configuration Policies. The Central Configuration Policies
page appears.
Figure 8-17: Configuration Policies page.
The following information appears for each configuration policy:
•
Name: The name of the central configuration policy.
•
Filer: The name of the Nasuni Filer of the central configuration policy.
•
Groups: The number of groups that the policy applies to.
•
Sync Paths: The number of Sync paths that the policy includes.
Nasuni Management Console Guide 7.9
193
Filers Page
Central Configuration Policies
2. Click Create Policy. The Create Policy dialog box appears.
Figure 8-18: Create Policy dialog box.
3. In the Policy Name text box, enter a name for this policy. Use a name that is meaningful to you,
such as “designers”.
4. In the Client Nasuni Folder text box, enter the folder name on the client machine. The default
Client Nasuni Folder is $HOME/Nasuni. On a Windows computer, this creates a folder named
Nasuni under the user’s folder.
Tip: If you don’t want different users to be able to view each others’ data, use the default
location, which points to each user’s specific folder.
If you do want different users to be able to view each others’ data, use a specific
folder name, such as nasunifolder.
5. You define configuration policies for groups of users.
To add one group, follow these steps:
a. In the Groups area, click Add One. The Name search box appears.
Figure 8-19: Add One Name search box.
Nasuni Management Console Guide 7.9
194
Filers Page
Central Configuration Policies
b. Enter a partial or complete group name, then click Search
appears, containing the partial or complete group name.
. The Select Group dialog box
Figure 8-20: Select Group dialog box.
c. Click Search. A list of groups that match your search appears. Select the group to define
access for, then click Add Selected Group. The selected group appears in the Groups area.
Figure 8-21: Groups area.
6. To add more than one group, follow these steps:
a. In the Groups area, click Add Many. The Select Groups dialog box appears.
b. In the Search text box, enter a partial or complete group name.
c. Click Search. A list of groups that match your search appears.
d. Select the groups to define access for, then click Add Selected Groups. The selected groups
appear in the Groups area.
7. To delete a group from the Groups list, click Delete
deleted from the list.
next to the group name. The group is
8. To specify one or more Sync paths, follow these steps:
a. Click Add One beside Sync Paths. The Add Sync Path dialog box appears.
Figure 8-22: Add Sync Path search box.
b. Click the Volume drop-down list. From the list, select the volume for the Sync path.
Nasuni Management Console Guide 7.9
195
Filers Page
Central Configuration Policies
c. Click the Share drop-down list. From the list, select the share within the selected volume for
the Sync path. A list of shares appears.
d. From the list of shares, select the Sync paths for this policy.
e. Click Add. The selected Sync paths are added to the dialog box.
f.
To specify read-only access to the share, select Read Only for the share.
9. To allow users to override the specified Sync Paths, select “Allow Users to Override Sync
Paths”.
10. To set a Bandwidth Limit, in the Bandwidth Limit text box, type the value of the maximum
bandwidth, in MB/second. To specify no upper limit, type 0 or leave the text box blank.
11. To allow users to override the Bandwidth Limit, select “Allow Users to Override Bandwidth
Limit”.
12. To save the specified policy, click Save Policy.
The policy appears in the list of Central Configuration Policies.
Figure 8-23: Central Configuration Policies.
Editing Central Configuration Policies
To edit Central Configuration Policies, follow these steps:
1. Click Filers, then click Central Configuration Policies. The Central Configuration Policies
page appears.
Figure 8-24: Configuration Policies page.
The following information appears for each configuration policy:
•
Name: The name of the central configuration policy.
•
Filer: The name of the Nasuni Filer of the central configuration policy.
•
Groups: The number of groups that the policy applies to.
•
Sync Paths: The number of Sync paths that the policy includes.
Nasuni Management Console Guide 7.9
196
Filers Page
Central Configuration Policies
2. For the configuration policy that you want to edit, click Edit
. The Create Policy dialog box
appears. Continue with “Creating Central Configuration Policies” step 3 on page 194.
Deleting Central Configuration Policies
To delete Central Configuration Policies, follow these steps:
1. Click Filers, then click Central Configuration Policies. The Central Configuration Policies
page appears.
Figure 8-25: Configuration Policies page.
The following information appears for each configuration policy:
•
Name: The name of the central configuration policy.
•
Filer: The name of the Nasuni Filer of the central configuration policy.
•
Groups: The number of groups that the policy applies to.
•
Sync Paths: The number of Sync paths that the policy includes.
2. For the configuration policy that you want to delete, click Delete
Delete Policy dialog box appears. Click Delete Policy.
.Click Create Policy. The
The configuration policy is deleted.
Nasuni Management Console Guide 7.9
197
Filers Page
CIFS Settings
CIFS Settings
You can view and configure CIFS settings for Nasuni Filers. These advanced features of the CIFS
interface apply to all volumes on a Nasuni Filer.
Viewing CIFS settings
To view CIFS settings, follow these steps:
1. Click Filers, then click CIFS Settings in the left-hand column. The Filer CIFS Settings page
displays a list of Nasuni Filers.
Figure 8-26: Filer CIFS Settings page.
The following information appears for each Nasuni Filer:
•
Description: The description of the Nasuni Filer.
•
Allocation Roundup Size: Value to round up file sizes on disk.
•
Protocol Level: The maximum version of the CIFS/SMB protocol that the server negotiates
with the client.
•
Enhanced Support for POSIX Clients: Whether to allow clients to use Portable Operating
System Interface (POSIX) semantics: Yes (allow) or No (do not allow). If not enabled, POSIX
clients can still connect. However, they do not have the full range of file server operations.
Nasuni Management Console Guide 7.9
198
Filers Page
CIFS Settings
Editing CIFS settings
To edit CIFS settings, follow these steps:
1. On the Filer CIFS Settings page, select the Nasuni Filers to change, then click Edit Filers. The
CIFS Settings dialog box appears.
Figure 8-27: CIFS Settings dialog box.
2. To copy the settings from a Nasuni Filer, select the Nasuni Filer from the Copy Settings dropdown list. The settings of the selected Nasuni Filer appear in the dialog box.
3. From the Allocation Roundup Size drop-down list, select the allocation roundup size. Unless
you have applications that require disabling this option, select Default (1 MiB). Disabling this
option can degrade performance because it rounds up the file sizes on disk.
4. From the Protocol Level drop-down list, select the maximum version of the CIFS/SMB protocol
that the server negotiates with the client. This is the highest level that the Nasuni Filer supports.
The client can negotiate a lower version, if necessary. The choices include the following:
•
CIFS: Common Internet File System protocol, also called SMB 1.0.
•
CIFS & SMB2: Server Message Block version 2.0. SMB 2.0 offers improved performance
over SMB 1.0.
•
CIFS & SMB3: Server Message Block version 3.0. SMB 3.0 offers improved performance
and security over SMB 2.0.
Tip: Best practice is to select “CIFS & SMB2”. Using SMB2 can improve performance
significantly.
5. To allow clients to use Portable Operating System Interface (POSIX) semantics, select the
Enhanced Support for POSIX Clients check box (selected by default). If you clear this option,
Nasuni Management Console Guide 7.9
199
Filers Page
CIFS Settings
POSIX clients can still connect. However, they do not have the full range of file server
operations.
Tip: CIFS shares that have OS X clients should select the Enhanced Support for POSIX
Clients check box.
6. Click Save CIFS Settings to save your settings, or else click Close.
Note: Changing these settings only affects new CIFS/SMB clients. You must disconnect
or reset an existing client's connection to use the new settings.
Nasuni Management Console Guide 7.9
200
Filers Page
FTP Settings
FTP Settings
You can view and configure FTP/SFTP settings for Nasuni Filers. These advanced features of the FTP
protocol apply to all volumes on a Nasuni Filer.
Tip: In order to access data using the FTP/SFTP protocol, the following steps are necessary:
1. Create a CIFS or NFS volume. See “Create Volume” on page 64.
2. Enable the FTP protocol on the volume. See “Enabling multiple volume protocols” on
page 139.
3. (Optional) Configure FTP/SFTP settings. See “Editing FTP settings” on page 202.
4. Add a new FTP/SFTP directory. See “Creating FTP directories” on page 102.
5. (Optional) Create a permission group that has storage access. See “Adding Permission
Groups” on page 350 in the Nasuni Filer Administration Guide.
6. (Optional) Create a user in a permission group that has storage access. See “Adding Users”
on page 356 in the Nasuni Filer Administration Guide. Active Directory and LDAP users can
log in for FTP access just as they do for CIFS access. Also, if anonymous access is enabled,
you don't need a specific group or user.
7. Access files using the FTP/SFTP protocol.
Viewing FTP settings
To view FTP/SFTP settings, follow these steps:
1. Click Filers, then click FTP Settings in the left-hand column. The Filer FTP Settings page
displays a list of Nasuni Filers.
Figure 8-28: Filer FTP Settings page.
The following information appears for each Nasuni Filer:
•
Description: The description of the Nasuni Filer.
•
Masquerade Address: IP address (not DNS hostname) presented to client, instead of local
server’s IP address or DNS hostname.
•
Idle Login Timeout: Time in seconds to wait before closing an idle connection. Zero (0)
means never close an idle connection.
•
Anonymous Access Username: Username that the user must log in with in order to access
any FTP/SFTP directory anonymously. Default: anonymous.
•
Anonymous Access Group: Group associated with the Anonymous Access Username.
Nasuni Management Console Guide 7.9
201
Filers Page
FTP Settings
Editing FTP settings
To edit FTP/SFTP settings, follow these steps:
1. On the Filer FTP Settings page, select the Nasuni Filers to change, then click Edit Filers. The
FTP Settings dialog box appears.
Figure 8-29: FTP Settings dialog box.
2. To copy the settings from a Nasuni Filer, select the Nasuni Filer from the Copy Settings dropdown list. The settings of the selected Nasuni Filer appear in the dialog box.
3. Optionally, in the Masquerade Address text box, type an IP address or DNS hostname to
present to the client instead of the local server's IP address or DNS hostname.
4. Optionally, in the Idle Login Timeout text box, type the time in seconds to wait before closing
an idle connection. Zero (0) means never close an idle connection.
5. Optionally, in the Anonymous Access Username text box, type the username that the user
must log in with in order to access any FTP/SFTP directory anonymously. Default: anonymous.
The username is case sensitive.
6. Optionally, in the Anonymous Access Group text box, type the group associated with the
Anonymous Access Username.
7. Click Save FTP Settings to save your settings. Otherwise, click Close.
Nasuni Management Console Guide 7.9
202
Filers Page
Nasuni Filer Description
Nasuni Filer Description
You can view and change Nasuni Filer descriptions on the Filer Description page.
You can change the name of the Nasuni Filer from the name assigned when you installed it. The name
can be up to 140 characters in length.
This name is used as a descriptive name for the Nasuni Filer when you log in to your account at
www.nasuni.com or perform a disaster recovery.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing Nasuni Filer descriptions
To view Nasuni Filer descriptions, follow these steps:
1. Click Filers, then click Description in the left-hand column. The Filer Description page
displays a list of managed Nasuni Filers.
Figure 8-30: Filer Description page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer.
Editing the Nasuni Filer description
To edit the selected Nasuni Filer description, follow these steps:
1. On the Filer Description page, click Edit
. The Description Settings dialog box appears.
Figure 8-31: Description Settings dialog box.
2. Enter a new description in the Filer Description text box. The description can be up to 140
characters in length.
3. To accept your, click Save Description. The description is changed and appears in the list of
Nasuni Filers.
Alternatively, to exit this screen without changing the description, click the Close button.
Nasuni Management Console Guide 7.9
203
Filers Page
Disk Encryption
Disk Encryption
You can view and change the disk encryption settings for Nasuni Filers. If Full Disk Encryption is
available for a Nasuni Filer, you can enable disk encryption. If disk encryption is enabled, you can
change the encryption password.
Warning: After Full Disk Encryption is enabled, it cannot be disabled.
Viewing disk encryption status
To view the status of disk encryption for Nasuni Filers, follow these steps:
1. Click Filers, then click Disk Encryption in the left-hand column. The Full Disk Encryption page
displays a list of managed Nasuni Filers.
Figure 8-32: Full Disk Encryption page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer.
•
Full Disk Encryption: The status of disk encryption for the Nasuni Filer: Not Available, Not
Enabled, or Enabled.
Nasuni Management Console Guide 7.9
204
Filers Page
Disk Encryption
Editing the disk encryption status of the Nasuni Filer
Warning: After Full Disk Encryption is enabled, it cannot be disabled.
To edit the selected Nasuni Filer description, follow these steps:
1. To enable disk encryption: On the Full Disk Encryption page, for a Nasuni Filer that has the
status of Not Enabled, click Edit
. The Enable Full Disk Encryption dialog box appears.
Figure 8-33: Enable Full Disk Encryption dialog box.
Enter a password for the disk, and verify the password.
2. To change the password for a disk with disk encryption enabled: On the Full Disk Encryption
. The Change Full Disk
page, for a Nasuni Filer that has the status of Enabled, click Edit
Encryption Password dialog box appears.
Figure 8-34: Change Full Disk Encryption Password dialog box.
Nasuni Management Console Guide 7.9
205
Filers Page
Disk Encryption
Enter the current password, then enter a new password for the disk, and verify the password.
Click Save.
Nasuni Management Console Guide 7.9
206
Filers Page
Email Settings
Email Settings
Clicking the Email Settings link opens the Filer & Console Email Settings page. See “Email Settings”
on page 292.
Nasuni Management Console Guide 7.9
207
Filers Page
Encryption Keys
Encryption Keys
You can view, upload, send, escrow, and delete encryption keys on the Filer Encryption Keys page.
The Nasuni Filer automatically encrypts your data at your premises using the OpenPGP encryption
protocol, with the default encryption of 256-bit Advanced Encryption Standard (AES-256). The data
remains encrypted in cloud storage.
You can upload encryption keys. You can send existing encryption keys to Nasuni Filers. You can
escrow your encryption keys with Nasuni.
All data on a volume is encrypted using one or more encryption keys before being sent to cloud
storage. Volumes may be encrypted with one or more encryption keys, and encryption keys may be
used for any number of volumes.
There are several actions you can perform on encryption keys, including adding new encryption keys,
enabling or disabling encryption keys, escrowing encryption keys with Nasuni, and, under certain
circumstances, deleting encryption keys.
Important: All uploaded encryption keys should be at least 2048 bits long.
At least one encryption key must be enabled for a volume, but several encryption keys can be enabled
at the same time. When multiple encryption keys are enabled, all of the enabled encryption keys are
used to encrypt data in such a way that any one of the encryption keys can decrypt the data.
There are several reasons you might want to disable an encryption key, such as, when someone with
access to the encryption key leaves the company, or if your enterprise has a policy of rotating
encryption keys periodically. When you disable an encryption key, no future data is encrypted with that
encryption key. However, all data previously encrypted by that disabled encryption key remains
encrypted by that disabled encryption key. For this reason, before you disable an encryption key, you
should consider establishing a snapshot retention policy that removes the data that was encrypted with
the disabled encryption key.
Because volumes must have at least one encryption key associated with them, in practice you add a
new encryption key to a volume first, and then disable the existing encryption key.
You can delete encryption keys, but only in the case where they are not being used by any volumes.
You cannot modify encryption keys stored on the system. For security reasons, encryption keys that
you upload cannot be downloaded from the system. You can only download encryption keys that the
Nasuni Filer has generated internally.
Note: To add an encryption key to a volume, see “Adding encryption keys to a volume”.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Nasuni Management Console Guide 7.9
208
Filers Page
Encryption Keys
Viewing encryption keys on Nasuni Filers
To view encryption keys on Nasuni Filers, follow these steps:
1. Click Filers, then click Encryption Keys in the left-hand column. The Filer Encryption Keys
page displays a list of encryption keys on managed Nasuni Filers.
Figure 8-35: Filer Encryption Keys page.
The following information appears for each encryption key in the list:
•
Name: The name of the encryption key.
•
Fingerprint: The fingerprint is a cryptographic hash of the encryption key.
•
Algorithm: The algorithm of the encryption key, such as RSA.
•
Length: The length of the encryption key, in bits.
•
Key ID: The key ID is a shorter version of the fingerprint of the encryption key, generally
including just the last 8 digits.
•
Filer: The name of the Nasuni Filer where this encryption key is located.
•
Escrowed by Nasuni: Whether this encryption key is escrowed by Nasuni: Yes (encryption
key is escrowed by Nasuni) or No (encryption key is not escrowed by Nasuni).
•
Actions: Actions available for each encryption key.
Nasuni Management Console Guide 7.9
209
Filers Page
Encryption Keys
Adding (importing or uploading) encryption keys to Nasuni Filers
You can add (import or upload) encryption keys to Nasuni Filers.
You can generate your own encryption keys using any OpenPGP-compatible program, such as PGP or
GnuPG. You can then add (import or upload) the encryption key to Nasuni Filers. The encryption key is
used to encrypt your data before it is sent to cloud storage and decrypt data when it is read back. The
Nasuni Filer accepts multiple encryption algorithms for encryption keys.
Important: Imported encryption keys are not automatically escrowed. You MUST SAVE all
imported encryption keys to another location outside the Nasuni Filer, so that they are
available if needed for disaster recovery. All encryption keys associated with a volume must
be recovered as part of the disaster recovery process. To escrow encryption keys with
Nasuni, see “Escrowing Encryption Keys with Nasuni” on page 212.
To add (import or upload) encryption keys to Nasuni Filers, follow these steps:
1. On the Filer Encryption Keys page, click Upload Encryption Keys. The Import Key(s) dialog
box appears.
Figure 8-36: Import Key(s) dialog box.
2. Select the managed Nasuni Filers to which you want to upload the encryption key.
3. Click Choose File, then navigate to the encryption key file. This file should be OpenPGPcompatible.
4. If an encryption key passphrase is needed, enter the encryption key passphrase in the Key
Passphrase text box.
5. Click Import Key. The encryption key is imported to the selected Nasuni Filers.
Alternatively, to exit this screen without importing any encryption keys, click the Close button.
Nasuni Management Console Guide 7.9
210
Filers Page
Encryption Keys
Sending encryption keys to Nasuni Filers
You can send existing encryption keys from the Nasuni Management Console to Nasuni Filers.
Important: Encryption keys are not automatically escrowed. You MUST SAVE all encryption
keys to another location outside the Nasuni Filer, so that they are available if needed for
disaster recovery. All encryption keys associated with a volume must be recovered as part of
the disaster recovery process. To escrow encryption keys with Nasuni, see “Escrowing
Encryption Keys with Nasuni” on page 212.
To send encryption keys to Nasuni Filers, follow these steps:
1. On the Filer Encryption Keys page, click Send NMC Keys. The Send NMC Key(s) dialog box
appears.
Figure 8-37: Send NMC Key(s) dialog box.
2. Select the managed Nasuni Filers to which you want to send the encryption keys.
3. Select the encryption keys that you want to send to the selected Nasuni Filers.
4. Click Send Key(s). The selected encryption keys are sent to the selected Nasuni Filers.
Alternatively, to exit this screen without sending any encryption keys, click the Close button.
Nasuni Management Console Guide 7.9
211
Filers Page
Encryption Keys
Escrowing Encryption Keys with Nasuni
You can escrow your encryption keys with Nasuni.
Escrowing an encryption key with Nasuni means that you can, at any time, request the encryption key
during a disaster recovery from Nasuni. Your key is protected on Nasuni servers using the same
security practices that we use for all keys escrowed with Nasuni.
To escrow encryption keys with Nasuni, follow these steps:
1. For the encryption key that you want to escrow with Nasuni, on the Filer Encryption Keys
page, click Escrow Key with Nasuni
. The Escrow Encryption Key dialog box appears.
Figure 8-38: Escrow Encryption Key dialog box.
2. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
Caution: You are about to permanently escrow your encryption key with the Nasuni
Corporation. This process is irreversible.
3. Click Escrow Key. Your encryption key is escrowed with Nasuni. The information on the Filer
Encryption Keys page updates to reflect this change.
Alternatively, to exit this screen without escrowing any encryption keys, click the Close button.
Nasuni Management Console Guide 7.9
212
Filers Page
Encryption Keys
Deleting Encryption Keys
You can delete encryption keys, as long as the encryption key is not currently assigned to a volume and
never has been assigned to a volume. Encryption keys that were once assigned to a volume, but are
now disabled, might be needed for disaster recovery procedures and so cannot be deleted.
To delete an encryption key, follow these steps:
1. For the encryption key that you want to delete, on the Filer Encryption Keys page, click Delete
Key
. The Delete Encryption Key dialog box appears.
Figure 8-39: Delete Encryption Key dialog box.
2. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
Caution: You are about to permanently delete this encryption key. This process is
irreversible.
3. Click Delete Key. Your encryption key is deleted. The Filer Encryption Keys page updates to
reflect this change.
Alternatively, to exit this screen without deleting any encryption keys, click the Close button.
Nasuni Management Console Guide 7.9
213
Filers Page
Global Locking
Global Locking
Edit
This page enables you to configure certain aspects of global file locking. For details about global file
locking, see “Global Locking” on page 84.
Tip: Use caution when making changes to global file locking, and discuss the possible
implications of changes beforehand with Nasuni Technical Support.
Note: The Nasuni Filer supports the use of byte-range locking for applications that benefit
from this feature. However, because of the impact on performance, byte-range locking is
disabled by default. If your applications require byte-range locking, contact Nasuni Technical
Support to enable byte-range locking.
If global file locking is enabled, and Internet connectivity issues prevent a Nasuni Filer from releasing
locks on certain files, local users can still read any files that are present in the local cache by degrading
the type of lock to a read lock. If a user is trying to access a file that is not present in the local cache,
and if the Nasuni Filer does have Internet access, you can also attempt to restore access to the file by
degrading the type of lock to a read lock. Enabling this feature causes all locks that are not read locks
to be denied. This effectively makes any directories that have global locks enabled into read-only
directories. Only enable this feature if file access is affected for an extended period of time.
To degrade global file locking to read locks, follow these steps:
1. Click Filers, then select Global Locking. The Filer Global Locking Settings page appears.
Figure 8-40: Filer Global Locking Settings page.
2. Select the Nasuni Filers to degrade to read locks, then click Edit Filers. The Global Locking
Settings dialog box appears.
Figure 8-41: Global Locking Settings dialog box.
3. To copy the settings from a Nasuni Filer, select the Nasuni Filer from the Copy Settings dropdown list. The settings of the selected Nasuni Filer appear in the dialog box.
Nasuni Management Console Guide 7.9
214
Filers Page
Global Locking
4. To degrade global file locking to read locks, select enabled from the Degrade to read locks
drop-down list.
5. To accept your selections, click Save Global Locking Settings.
The global file locking configuration is changed.
Nasuni Management Console Guide 7.9
215
Filers Page
Quality of Service (Bandwidth) Settings
Quality of Service (Bandwidth) Settings
Quality of Service (QoS) settings specify the inbound and outbound bandwidth configuration for moving
data to and from the Nasuni Filer, such as moving snapshots to cloud storage. By default, the inbound
and outbound bandwidth configuration for snapshots is 2 megabits per second, but Nasuni does not
recommend keeping those bandwidths. The IT administrator or person responsible for managing
Nasuni Filers can change the bandwidth of inbound and outbound data as needed.
Note: When you create one or more Quality of Service rules, the default Quality of Service
bandwidth becomes unlimited during any time that is not defined by a rule.
Note: If the inbound Quality of Service is too low, and data must be obtained from cloud
storage, data access might be affected.
Note: If the outbound Quality of Service is large or unlimited, and the inbound Quality of
Service is small, the limited inbound bandwidth for return packets (such as
acknowledgements) might affect the outbound bandwidth.
You can also create additional Quality of Service (QoS) rules. A Nasuni Filer can have a maximum of 12
rules. You can set the bandwidth of inbound and outbound data for specific days and between specific
hours. For example, if you specify 100 kilobits per second outbound for Monday through Friday from
8:00 AM to 3:00 PM, then the Nasuni Filer configures the outbound bandwidth to a maximum of 100
kilobits per second during that period, but does not limit the bandwidth used outside that period.
Snapshots are slower during the limited bandwidth period. Local user read/write operations are not
affected.
Limiting the bandwidth of inbound and outbound data between specific hours can help decrease
network congestion. For instance, if you configure snapshots to occur every hour and limit the
outbound bandwidth to 50 kilobits a second, a large snapshot completes at a slower rate, but with no
impact on your network speeds.
Note: When you create one or more Quality of Service rules, the default Quality of Service
bandwidth becomes unlimited during any time that is not defined by a rule.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Nasuni Management Console Guide 7.9
216
Filers Page
Quality of Service (Bandwidth) Settings
Viewing Quality of Service settings
To view the Quality of Service settings, follow these steps:
1. Click Quality of Service. The Filer Quality of Service page displays a list of managed Nasuni
Filers.
Figure 8-42: Filer Quality of Service page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer.
•
Days: The days of the week for which Quality of Service rules are scheduled. If no rules have
been enabled, the label “--” appears.
•
Time: The time span during which Quality of Service rules are scheduled. If no rules have
been enabled, the label “--” appears.
•
Outbound Limit: The limit on outbound bandwidth during specified times on specified days.
•
Inbound Limit: The limit on inbound bandwidth during specified times on specified days.
Adding Quality of Service rules
To edit Quality of Service rules, follow these steps:
1. On the Filer Quality of Service page, select the Nasuni Filers in the list to which you want to
add Quality of Service rules.
2. Click Edit Filers. The Quality of Service Settings dialog box appears.
Figure 8-43: Quality of Service Settings dialog box.
Warning: When you edit the Quality of Service rules of multiple Nasuni Filers, any
existing rules are removed and replaced with the rules saved here. To retain the
current rules of one of the Nasuni Filers, select that Nasuni Filer from the Copy
Settings drop-down list.
Nasuni Management Console Guide 7.9
217
Filers Page
Quality of Service (Bandwidth) Settings
3. To copy the Quality of Service settings from a Nasuni Filer, select the Nasuni Filer from the
Copy Settings drop-down list. The Quality of Service settings of the selected Nasuni Filer
appear in the Quality of Service Settings dialog box.
4. Click Add Rule. The Add Rule dialog box appears.
Figure 8-44: Add Rule dialog box.
Note: You cannot have a rule that applies to the same day and hour as another rule.
a. Select the days to limit the bandwidth (for example, Sunday, Tuesday, and Thursday).
b. To specify limiting the bandwidth 24 hours a day, select the All Day check box.
Otherwise, select the hour to start limiting the bandwidth from the Start drop-down list.
Select the hour to stop limiting the bandwidth from the Stop drop-down list.
c. Enter the Outbound Limit value, and select the units from the drop-down list. Use 0 (zero) to
specify no limit.
d. Enter the Inbound Limit value, and select the units from the drop-down list. Use 0 (zero) to
specify no limit.
e. Click Add Rule. The new rule is added to the Quality of Service.
Alternatively, to exit the dialog box without adding the new rule, click Close.
5. Click Save Rules. The Quality of Service rules are changed. The Nasuni Filer appears in the list
on the Quality of Service page.
Alternatively, to exit the dialog box without changing the Quality of Service rules, click Close.
Nasuni Management Console Guide 7.9
218
Filers Page
Quality of Service (Bandwidth) Settings
Editing Quality of Service rules
To edit Quality of Service rules, follow these steps:
1. On the Filer Quality of Service page, select the Nasuni Filers in the list whose Quality of Service
rules you want to edit.
2. Click Edit Filers. The Quality of Service Settings dialog box appears.
Figure 8-45: Quality of Service Settings dialog box.
3. To copy the Quality of Service settings from a Nasuni Filer, select the Nasuni Filer from the
Copy Settings drop-down list. The Quality of Service settings of the selected Nasuni Filer
appear in the Quality of Service Settings dialog box.
4. To edit an existing rule, click Edit
. The Edit Rule dialog box appears.
Figure 8-46: Edit Rule dialog box.
Note: You cannot have a rule that applies to the same day and hour as another rule.
a. Select the days to limit the bandwidth (for example, Sunday, Tuesday, and Thursday).
Nasuni Management Console Guide 7.9
219
Filers Page
Quality of Service (Bandwidth) Settings
b. To specify limiting the bandwidth 24 hours a day, select the All Day check box.
Otherwise, select the hour to start limiting the bandwidth from the Start drop-down list.
Select the hour to stop limiting the bandwidth from the Stop drop-down list.
c. Enter the Outbound Limit value, and select the units from the drop-down list. Use 0 (zero) to
specify no limit.
d. Enter the Inbound Limit value, and select the units from the drop-down list. Use 0 (zero) to
specify no limit.
e. Click Update Rule. The rule is changed.
Alternatively, to exit the dialog box without changing the rule, click Close.
5. Click Save Rules. The Quality of Service rules are changed. The Nasuni Filer appears in the list
on the Quality of Service page.
Alternatively, to exit the dialog box without changing the Quality of Service rules, click Close.
Deleting Quality of Service rules
To delete Quality of Service rules, follow these steps:
1. On the Filer Quality of Service page, select the Nasuni Filers in the list whose Quality of Service
rules you want to delete.
2. Click Edit Filers. The Quality of Service Settings dialog box appears.
Figure 8-47: Quality of Service Settings dialog box.
3. To delete an existing rule, click Delete
. The rule is deleted.
4. Click Save Rules. The Quality of Service rules are changed. The Nasuni Filer appears in the list
on the Quality of Service page.
Alternatively, to exit the dialog box without changing the Quality of Service rules, click Close.
Nasuni Management Console Guide 7.9
220
Filers Page
Quota Reports
Quota Reports
You can view and configure the schedule of when to send quota reports. You can also manually initiate
sending a quota report.
Using the Nasuni Filer user interface, you can set a quota on the contents of a directory and the
subdirectories of a directory. You can configure an email address to receive reports when the selected
directory is near or over its limit. You can also set the quota limit. The email reports can go to
administrators or to users or both. To send quota email reports, you must also enable email (see “Email
Settings” on page 292) and Capacity Alerts (see “Adding Permission Groups” on page 350).
A typical personal quota report looks like the following:
You are receiving this automated Storage Usage Report because at least
one directory is near or over its storage quota threshold of 90%. Your
storage administrator has associated this email address with the
directories listed below. If this is incorrect, please contact your
storage administrator.
This Storage Usage Report is for the storage controller: "filer-x"
This Storage Usage Report includes directories that are in the volume:
volume-1
Directory Path
Current
Storage
Limit
Current
Storage
Usage
Percent
Used
Email Address
/nmc
1.0 GB
923.21 MB
92%
[email protected]
/users
1.0 GB
126.31 MB
126%
[email protected]
Please consult with your storage administrator to either reduce the
amount of data stored in the directories listed above, or increase the
storage limit for those directories.
A typical Directory Quota Violation Report looks like the following:
You are receiving this Directory Quota Violation Report because one or
more directories is near or over its Directory quota threshold of 90%.
This email address is designated to receive Capacity Alerts. If this is
incorrect, you can change the Email Settings for this Nasuni Filer.
This Storage Usage Report is for the storage controller: "filer-x"
This Storage Usage Report includes directories that are in the volume:
volume-1
Directory Path
Current
Storage
Limit
Current
Storage
Usage
Percent
Used
Email Address
/nmc
1.0 GB
923.21 MB
92%
[email protected]
/users
1.0 GB
126.31 MB
126%
[email protected]
Nasuni Management Console Guide 7.9
221
Filers Page
Quota Reports
Viewing quota report schedules
To view the quota report schedules, follow these steps:
1. Click Quota Reports. The Quota Report Schedule page displays a list of managed Nasuni Filers.
Figure 8-48: Quota Report Schedule page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer.
•
Days: The days of the week for which quota reports are scheduled. If no quota reports are
scheduled, the label “No Schedules” appears.
•
Activation Time: The time for which quota reports are scheduled.
•
Report Types: The types of reports scheduled.
•
Threshold: The percentage threshold for generating a quota report.
Nasuni Management Console Guide 7.9
222
Filers Page
Quota Reports
Sending a quota report manually
You can send a quota report immediately, even if the quota report threshold is not exceeded. To send
quota email reports, you must also enable email and Capacity Alerts. See “Email Settings” on
page 292.
To manually send a quota report, follow these steps:
1. On the Quota Report Schedule page, select the Nasuni Filers in the list for which you want to
manually send a quota report.
2. Click Send Quota Report. The Send Quota Report dialog box appears.
Figure 8-49: Send Quota Report dialog box.
3. To send administrative reports, select Administrative Report to On. Administrative reports are
sent regardless of whether any directories are near or over their quota.
4. To send user reports, select User Report to On. User reports are sent regardless of whether
any directories are near or over their quota.
5. In the Report Threshold text box, enter the percentage of the limit at which to send the report.
Quota reports are sent regardless of whether any directories are near or over their quota.
6. Click Send Quota Report. The quota report is sent.
Alternatively, to exit the dialog box without sending a quota report, click Close.
Nasuni Management Console Guide 7.9
223
Filers Page
Quota Reports
Adding quota report schedules
To edit quota report schedules, follow these steps:
1. On the Quota Report Schedule page, select the Nasuni Filers in the list for which you want to
add a quota report schedule.
2. Click Edit Filers. The Volume Quota Report Settings dialog box appears.
Figure 8-50: Volume Quota Report Settings dialog box.
The Days, Activation Time, Reports setting, and Threshold appear for each quota report in the
list.
3. To copy the quota report settings from a Nasuni Filer, select the Nasuni Filer from the Copy
Settings drop-down list. The quota report settings of the selected Nasuni Filer appear in the
dialog box.
4. To add a schedule, click Add Schedule. The Add Schedule Quota Report dialog box appears.
Figure 8-51: Add Schedule Quota Report dialog box.
5. Select the days to send quota reports (for example, Sunday, Tuesday, and Thursday). To select
or deselect all days, click Select/Deselect All.
Nasuni Management Console Guide 7.9
224
Filers Page
Quota Reports
6. Select the hour to start sending quota reports from the Activation Time drop-down list.
7. To send administrative reports, select Administrative Report. Administrative reports include all
Directory Quota Violations for all directories near or over their quota.
8. To send user reports, select User Report. User reports include individual Directory Quota
Violations sent to the owner of the directory for the user’s directories near or over their quota.
9. In the Report Threshold text box, enter the percentage of the limit at which to send the report.
For example, if you enter 95, a report is sent when the data exceeds 95 percent of the limit.
10. Click Add Report. The new quota report schedule is added.
Alternatively, to exit the dialog box without adding the quota report schedule, click Close.
11. On the Volume Quota Report Settings dialog box, click Save Schedules. The quota report
schedules are saved. The Nasuni Filer appears in the list on the Quota Report Schedule page.
Alternatively, to exit the dialog box without saving the quota report schedules, click Close.
Nasuni Management Console Guide 7.9
225
Filers Page
Quota Reports
Editing quota report schedules
To edit quota report schedules, follow these steps:
1. On the Quota Report Schedule page, select the Nasuni Filers in the list whose quota report
schedule you want to edit.
2. Click Edit Filers. The Volume Quota Report Settings dialog box appears.
Figure 8-52: Volume Quota Report Settings dialog box.
The Days, Activation Time, Reports setting, and Threshold appear for each quota report in the
list.
3. To copy the quota report settings from a Nasuni Filer, select the Nasuni Filer from the Copy
Settings drop-down list. The quota report settings of the selected Nasuni Filer appear in the
dialog box.
4. To edit a schedule, click Edit
appears.
for the schedule. The Edit Schedule Quota Report dialog box
Figure 8-53: Edit Schedule Quota Report dialog box.
Nasuni Management Console Guide 7.9
226
Filers Page
Quota Reports
5. Select the days to send quota reports (for example, Sunday, Tuesday, and Thursday). To select
or deselect all days, click Select/Deselect All.
6. Select the hour to start sending quota reports from the Activation Time drop-down list.
7. To send administrative reports, select Administrative Report. Administrative reports include all
Directory Quota Violations for all directories near or over their quota.
8. To send user reports, select User Report. User reports include individual Directory Quota
Violations sent to the owner of the directory for the user’s directories near or over their quota.
9. In the Report Threshold text box, enter the percentage of the limit at which to send the report.
For example, if you enter 95, a report is sent when the data exceeds 95 percent of the limit.
10. Click Update Schedule. The quota report schedule is updated.
Alternatively, to exit the dialog box without updating the quota report schedule, click Close.
11. On the Volume Quota Report Settings dialog box, click Save Schedules. The quota report
schedules are saved. The Nasuni Filer appears in the list on the Quota Report Schedule page.
Alternatively, to exit the dialog box without saving the quota report schedules, click Close.
Nasuni Management Console Guide 7.9
227
Filers Page
SNMP Settings
SNMP Settings
You can configure SNMP monitoring of Nasuni Filers.
The Nasuni Filer supports monitoring via the Simple Network Management Protocol (SNMP) v1, v2c,
and v3. The Nasuni Filer exposes the standard SNMPv1 MIB (management information base), as well
as the NASUNI-FILER-MIB, SNMPv2-MIB, HOST-RESOURCES-MIB, UCD-SNMP-MIB, UCD-DISKIOMIB, and IF-MIB. Both 32-bit and 64-bit SNMP network counters are supported. The SNMP server is
available on port 161.
Each of the displayed MIBs is a link. If you click a link, a page with that MIB information appears.
Data available in SNMP updates includes the following:
•
Network information, such as:
•
•
•
•
•
•
Inbound and outbound traffic by type and by port
Volume information, such as:
•
Size
•
TIme of last snapshot
Local cache information, such as:
•
Total space
•
Used space
•
Free space
•
Unprotected data
•
Cache hit/miss rate
CPU performance information, such as:
•
Percent utilization
•
Load averages
Memory usage information, such as:
•
Memory utilization
•
Swap utilization
Disk performance information, such as:
•
Number of disk reads and writes per disk
•
Bytes read and written per disk
•
Client information, such as: Number of connected CIFS, iSCSI, and Mobile Access clients
•
Snapshot and sync information, such as:
•
•
Number of Merge Conflicts
•
Snapshot success (version) count per volume
•
Times for Snapshots (start, end, delta) per volume
Traps information for anything that would generate an email alert
Nasuni Management Console Guide 7.9
228
Filers Page
SNMP Settings
Viewing SNMP settings
To view SNMP settings, follow these steps:
1. Click Filers, then click SNMP Settings in the left-hand column. The Filer SNMP Settings page
displays a list of managed Nasuni Filers.
Figure 8-54: Filer SNMP Settings page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
SNMP V1, V2C: Indication of whether SNMP v1,v2c is enabled for this Nasuni Filer: Enabled
or Disabled.
•
Community Name: If SNMP v1,v2c is enabled, the Community Name parameter from
the SNMP settings.
•
SNMP V3: Indication of whether SNMP v3 is enabled for this Nasuni Filer: Enabled or
Disabled.
•
Trap Addresses: If SNMP is enabled, a list of IP addresses or hostnames listening for
SNMP traps.
•
System Info: If SNMP is enabled, additional information appears.
•
Location: The System Location parameter from the SNMP settings. If SNMP monitoring
is disabled, the label “--” appears.
•
Contact: The System Contact parameter from the SNMP settings. If SNMP monitoring
is disabled, the label “--” appears.
Nasuni Management Console Guide 7.9
229
Filers Page
SNMP Settings
Editing SNMP settings
To edit SNMP settings, follow these steps:
1. On the Filer SNMP Settings page, select the Nasuni Filers in the list whose SNMP settings you
want to edit.
2. Click Edit Filers. The SNMP Settings dialog box appears.
Figure 8-55: SNMP Settings dialog box.
3. To copy the SNMP settings from a Nasuni Filer, select the Nasuni Filer from the Copy Settings
drop-down list. The SNMP settings of the selected Nasuni Filer appear in the SNMP Settings
dialog box.
4. To enable SNMP v1,v2c monitoring, click Enable v1,v2c Support. Selecting On enables SNMP
v1,v2c monitoring. Selecting Off disables SNMP monitoring.
If you enable SNMP v1,v2c monitoring, in the Community Name text box, enter the SNMP
community name for the Nasuni Filer. The default community name is public. Changing the
community name from the default improves security.
Nasuni Management Console Guide 7.9
230
Filers Page
SNMP Settings
5. To enable SNMP v3 monitoring, click Enable v3 Support. Selecting On enables SNMP v3
monitoring. Selecting Off disables SNMP monitoring.
If you enable SNMP v3 monitoring, enter a Username and Password for SNMP v3
authorization.
6. If you enable SNMP monitoring, in the System Location text box, enter the physical location of
the Nasuni Filer.
7. If you enable SNMP monitoring, in the System Contact text box, enter the contact information
of the person responsible for SNMP monitoring for the Nasuni Filer.
8. If you enable SNMP monitoring, in the Trap Addresses text box, enter a list of IP addresses or
hostnames listening for SNMP traps, separated by commas. If you do not want to listen for
SNMP traps, leave this blank.
If you enter any trap addresses, you can send a test trap by clicking Send Test Trap.
9. Click Save SNMP Settings. The SNMP settings are changed. The Nasuni Filers appear in the
list on the Filer SNMP Settings page.
Alternatively, to exit the dialog box without changing the SNMP settings, click Close.
Nasuni Management Console Guide 7.9
231
Filers Page
Time Configuration
Time Configuration
You can set the time zone and time server for the Nasuni Filer, which are necessary for notifications and
file sharing purposes. The time zone setting you select should be for the region where the Nasuni Filer
is located. For example, use “US/Eastern” if you are located in the eastern part of the United States.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing time zone and time source settings
To view time zone and time source settings, follow these steps:
1. Click Filers, then click Time Configuration in the left-hand column. The Filer Time
Configuration page displays a list of managed Nasuni Filers.
Figure 8-56: Filer Time Configuration page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
Time Zone: The major world time zone where the Nasuni Filer is located.
•
NTP Servers: The NTP time servers from which the Nasuni Filer obtains time information.
•
Current Time: The current date and time of the Nasuni Filer.
Note: The current time is only available for Nasuni Filers running version 7.5 or above.
•
Current Time (timezone): The current date and time of the Nasuni Filer in the current time
zone.
Note: The current time is only available for Nasuni Filers running version 7.5 or above.
Nasuni Management Console Guide 7.9
232
Filers Page
Time Configuration
Editing time zone and time source settings
To edit time zone and time source settings, follow these steps:
1. On the Filer Time Configuration page, select the Nasuni Filers in the list whose time zone and
time source settings you want to edit.
2. Click Edit Filers. The Timezone Settings dialog box appears.
Figure 8-57: Timezone Settings dialog box.
3. To copy the time zone and time source settings from a Nasuni Filer, select the Nasuni Filer from
the Copy Settings drop-down list. The time zone and time source settings of the selected
Nasuni Filer appear in the dialog box.
4. From the Time Zone drop-down list, select a time zone.
5. In the Time Server text box, enter the names of one or more valid Network Time Protocol (NTP)
servers, separated by commas. By default, all Nasuni Filers are set to use Nasuni's NTP server,
time.nasuni.com, to set the time daily. If you cannot open port 123 in your firewall to access
time.nasuni.com, you should change to an internal NTP server.
You can also specify using NTP services from Active Directory domain controllers, and from
other domain controllers.
6. Click Save Timezone. The time zone and time source settings are changed. The Nasuni Filers
appear in the list on the Filer Time Configuration page.
Alternatively, to exit the dialog box without changing the time zone and time source settings,
click Close.
Nasuni Management Console Guide 7.9
233
Filers Page
Web Access Branding
Web Access Branding
Edit
You can use the Web Access feature to access CIFS share data or NFS export data stored in the
Nasuni Filer using a Web browser. You can configure the Web Access display to include elements of
your organization’s branding, including logo and colors. For information on Web Access, see “Web
Access” on page 157. To enable Web Access, see at step 20 on page 118.
To configure Web Access branding, follow these steps:
1. Click Filers, then select Web Access Branding from the list on the left-hand side. The Web
Access Branding page displays a list of managed Nasuni Filers.
Figure 8-58: Web Access Branding page.
The following information appears for each Nasuni Filer in the list:
•
Logo: The logo on the Web Access display.
•
Primary Color: The primary color, which is used for items including Shares, Settings, and
Logout on the Web Access display.
•
Secondary Color: The secondary color, which is used for items including Add Folder,
Upload File, and Sort on the Web Access display.
2. On the Web Access Branding page, select the Nasuni Filers in the list whose Web Access
branding you want to edit.
3. Click Edit Filers. The Web Access Branding dialog box appears.
Figure 8-59: Web Access Branding dialog box.
4. To copy the Web Access branding settings from a Nasuni Filer, select the Nasuni Filer from the
Copy Settings drop-down list. The Web Access branding settings of the selected Nasuni Filer
appear in the dialog box.
Nasuni Management Console Guide 7.9
234
Filers Page
Web Access Branding
5. To include a logo on the Web Access display, click the Logo area and navigate to a logo
graphics file. The maximum file size is 500 KB.
6. To change the primary color, which is used for items including Shares, Settings, and Logout on
the Web Access display, click the Primary Color area and select a primary color.
7. To change the secondary color, which is used for items including Add Folder, Upload File, and
Sort on the Web Access display, click the Secondary Color area and select a secondary color.
8. To revert to the default logo, primary color, and secondary color, click Set Defaults.
9. Click Save Rules. Your settings are saved.
Figure 8-60: Web Access Branding dialog box with new logo and colors.
The Web Access page appears with the selected logo and colors.
Figure 8-61: Web Access page with branding.
Nasuni Management Console Guide 7.9
235
Filers Page
Migrations
Migrations
You can view information about data migrations to Nasuni Filers.
Note: To create or modify data migrations, you must use the Nasuni Filer user interface.
Tip: Perform any necessary data migrations to the volume before enabling Remote Access.
Otherwise, data migration processing can impact the synchronization of remote volumes.
After you configure the Nasuni Filer, the best way to load your data to a volume is by using the Data
Migration Service. This feature supports multiple sources and targets for migrations using the CIFS or
NFS protocols. The Data Migration Service copies files; it does not move them. Therefore, the source
data is not modified during the migration process.
While a migration is running, you can configure and schedule additional migrations to run one after the
other. Migration procedures can only run one at a time.
Viewing migrations
To view migrations, follow these steps:
1. Click Filers, then click Migrations in the left-hand column. The Data Migrations page displays
a list of migrations.
Figure 8-62: Data Migrations page.
The following information appears for each migration:
•
Migration: The name of the data migration.
•
Source: The source of the migration data.
•
Target: The destination of the migration data.
•
Filer: The name of the Nasuni Filer with this migration.
•
Migration Status: The status of the migration, such as Ready, Running, Interrupted,
Completed, Suspended, or Canceled.
Note: Suspended migrations resume at the next scheduled start time.
•
Scheduled: Whether the migration is scheduled to run: Yes (migration is scheduled) or
No (migration is not scheduled).
•
Current Operation: If the data migration is running, the operation that the data migration
is currently performing.
Nasuni Management Console Guide 7.9
236
Filers Page
•
Migrations
Current Progress: Number of files that have completed migration compared to the total
number of files to be migrated. For example, “5,000 files out of 12,000 files”.
Nasuni Management Console Guide 7.9
237
Filers Page
Migration Sources
Migration Sources
You can view information about data sources for data migrations to Nasuni Filers.
The Data Migration Service supports multiple sources for migrations using the CIFS or NFS protocols.
The Data Migration Service copies files; it does not move them. Therefore, the source data is not
modified during the migration process.
Tip: Perform any necessary data migrations to the volume before enabling Remote Access.
Otherwise, data migration processing can impact the synchronization of remote volumes.
Note: The Data Migration Service can only migrate files that it has permission to access.
Ensure that the user you configured with the migration source has full access to all the files
that you want to migrate.
Viewing migration sources
To view migration sources, follow these steps:
1. Click Filers, then click Migration Sources in the left-hand column. The Data Migration
Sources page displays a list of migration sources.
Figure 8-63: Date Migration Sources page.
The following information appears for each migration source:
•
Server: The hostname or IP address of the server that is the source of the data.
•
Filer: The name of the Nasuni Filer for this migration.
•
Protocol: The protocol of the migration source: CIFS or NFS.
•
Share/Path: The share (for CIFS) or path (for NFS) for the source data.
•
Status: The status of the connection to the migration source: Connected (if migration source
is connected) or Not Connected (if migration source is not connected).
•
Remote User: The username used to mount the migration source on the Nasuni Filer.
Note: Depending on the settings of the share, the Remote User might be optional and
appear as a blank here.
Note: The Remote User must have permission to read all the files in the share that
you plan to copy. Therefore, you should specify a user with administrative or backup
operator privileges.
Nasuni Management Console Guide 7.9
238
Filers Page
Migration Schedules
Migration Schedules
You can view information about data migration schedules.
While a migration is running, you can configure and schedule additional migrations to run one after the
other. Migration procedures can only run one at a time.
Tip: Perform any necessary data migrations to the volume before enabling Remote Access.
Otherwise, data migration processing can impact the synchronization of remote volumes.
Note: If you configure multiple schedules, they do not run at the same time. A migration runs
at its scheduled time only if no other migration is running. To ensure that one migration does
not impact another, schedule them at different times.
Viewing migration schedules
To view migration schedules, follow these steps:
1. Click Filers, then click Migration Schedules in the left-hand column. The Data Migration
Schedules page displays a list of migration schedules.
Figure 8-64: Date Migration Schedules page.
The following information appears for each migration schedule:
•
Migration: The name of the data migration.
•
Filer: The name of the Nasuni Filer for this migration.
•
Schedule: The schedule for the data migration, including the day and time to Start the
migration and the day and time to Suspend the migration.
•
Last Started: The date and time when this data migration most recently started.
•
Last Finished: The date and time when this data migration most recently finished.
Nasuni Management Console Guide 7.9
239
Filers Page
Mobile Settings
Mobile Settings
You can view and edit the settings for the Mobile Access service.
The Nasuni Mobile Access service enables you to access folders and files from mobile devices,
including iOS-based devices (such as iPhone and iPad) and Android phones. Nasuni Mobile Access is
available for volumes on which the CIFS protocol has been enabled, but not for NFS or iSCSI volumes.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing Mobile Access service settings
To view Mobile Access service settings, follow these steps:
1. Click Filers, then click Mobile Settings in the left-hand column. The Mobile Service Settings
page displays a list of managed Nasuni Filers.
Figure 8-65: Mobile Service Settings page.
The following information appears for each Nasuni Filer in the list:
•
Filer: The name of the Nasuni Filer.
•
Additional Mobile API Port: If configured, any additional port for Mobile Access.
•
Session Expiration: Time limit on how long users remain authenticated on mobile devices,
or Unlimited.
•
Limit to a Single Device: Whether users are limited to a single mobile device: Yes (limited)
or No (not limited).
•
Allowed Devices: If enabled, list of mobile devices permitted to access data: Android or
iOS.
•
Actions: Actions available for each Nasuni Filer.
Nasuni Management Console Guide 7.9
240
Filers Page
Mobile Settings
Editing Mobile Access service settings
To edit Mobile Access service settings, follow these steps:
1. On the Mobile Service Settings page, select the Nasuni Filers in the list whose Mobile Access
service settings you want to edit.
2. Click Edit Filers. The Edit Mobile Service Settings dialog box appears.
Figure 8-66: Edit Mobile Service Settings dialog box.
3. To add another port for Mobile Access, enter the port number in the Additional API port text
box. The port number must be between 1 and 65535, inclusive. Leave blank to disable an
additional port.
4. To limit how long users remain authenticated on mobile devices, enter the maximum length of
time in hours in the Session Expiration text field. To allow unlimited session time, enter 0 (zero).
5. To limit users to only one mobile device, select Limit to a single device.
6. To limit the types of mobile devices that can use Mobile Access, select any combination of the
following:
• Android: To allow Android devices to use Mobile Access.
•
iOS: To allow iOS devices to use Mobile Access.
•
Linux: To allow Linux systems to use Mobile Access.
•
OS X: To allow OS X systems to use Mobile Access.
•
Windows: To allow Windows systems to use Mobile Access.
7. Click Save Settings. The Mobile Access service settings are changed. The Nasuni Filers appear
in the list on the Mobile Service Settings page.
Alternatively, to exit the dialog box without changing the Mobile Access service settings, click
Close.
Nasuni Management Console Guide 7.9
241
Filers Page
Mobile Settings
Generating Invitation Link for Mobile Access
You can generate an invitation link that you can send to users. When they access the invitation link on
their mobile device, Mobile Access is installed on their mobile device. This link can also include the
hostname or IP address, the port number, and the username. This can simplify the process of
connecting them to your Nasuni Filers using Mobile Access.
To generate an invitation link for Mobile Access, follow these steps:
1. On the Mobile Service Settings page, click Invitation Link next to the Nasuni Filer. The
Generate Invitation Link dialog box appears.
Figure 8-67: Generate Invitation Link dialog box.
2. In the Host text box, enter the host that Mobile Access users should use.
3. In the Port text box, enter the port that Mobile Access users should use.
To require VPN access, use the internal hostname or IP address, and port 443.
To provide direct external access, use the external hostname or IP address and port.
4. To generate an invitation link, click Generate.
5. The Generate Invitation Link dialog box appears again, showing the invitation link.
Figure 8-68: Invitation Link.
6. Copy the displayed link, to use in email messages to users and other purposes.
7. Click Close to close the dialog box.
Nasuni Management Console Guide 7.9
242
Filers Page
Mobile Licenses
Mobile Licenses
You can view, enable, disable, and delete licenses for the Desktop and Mobile Access services.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing licenses for the Desktop and Mobile Access service
To view licenses for the Desktop and Mobile Access service, follow these steps:
1. Click Filers, then click Mobile Licenses in the left-hand column. The Mobile Licenses page
displays a list of Desktop and Mobile Access users for managed Nasuni Filers.
Figure 8-69: Mobile Licenses page.
The following information appears for each user in the list:
•
Username: The username of the Desktop or Mobile Access service user.
•
Filer: The name of the Nasuni Filer for the Desktop and Mobile Access service.
•
Device: The type of mobile device or desktop client the user has, including Android, iPad,
iPod Touch, iPhone, Windows, OS X, and Linux.
•
Enabled: Whether Desktop and Mobile Access is enabled for the user: Enabled or Disabled.
•
Auth Time: The date and time that the user was authorized for Desktop and Mobile Access.
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
username: Matches values in the Username field.
•
filer: Matches values in the Filer field.
•
device: Matches values in the Device field.
Nasuni Management Console Guide 7.9
243
Filers Page
Mobile Licenses
Enabling Mobile Access
Enabling a desktop or mobile device allows access by the desktop client or mobile device.
To enable Mobile Access, follow these steps:
1. On the Mobile Licenses page, select the users in the list whose Mobile Access you want to
enable.
2. Click Enable. The Enable Mobile Licenses dialog box appears.
3. Click Enable Mobile Licenses. Mobile Access is enabled for the selected users. The Mobile
Access service settings are changed on the Mobile Service Settings page.
Alternatively, to exit the dialog box without enabling Mobile Access, click Close.
Disabling Mobile Access
Disabling a mobile device or desktop client blocks access and, on the next attempt at access, clears
the mobile device’s cache of any cached files.
To disable Mobile Access, follow these steps:
1. On the Mobile Licenses page, select the users in the list whose Mobile Access you want to
disable.
2. Click Disable. The Disable Mobile Licenses dialog box appears.
3. Click Disable Mobile Licenses. Mobile Access is disabled for the selected users. The Mobile
Access service settings are changed on the Mobile Service Settings page.
Alternatively, to exit the dialog box without disabling Mobile Access, click Close.
Deleting Mobile Access licenses
Deleting a mobile device or desktop client removes the mobile device or desktop client from the list, but
does not block future access. Instead, the user must login again the next time they run the Nasuni
Application.
To delete Mobile Access licenses, follow these steps:
1. On the Mobile Licenses page, select the users in the list whose Mobile Access licenses you
want to delete.
2. Click Delete
. The Delete Mobile Licenses dialog box appears.
3. Click Delete Mobile Licenses. The selected Mobile Access licenses are deleted. The Mobile
Access service settings are changed on the Mobile Service Settings page.
Alternatively, to exit the dialog box without deleting Mobile Access licenses, click Close.
Nasuni Management Console Guide 7.9
244
Filers Page
Refresh License
Refresh License
You can refresh the subscription license of Nasuni Filers. This is ordinarily unnecessary, unless the
license has changed in some way.
Refreshing license
To refresh the subscription license, follow these steps:
1. Click Filers, then click Refresh License in the left-hand column. The Refresh Subscription
License page displays a list of managed Nasuni Filers.
Figure 8-70: Refresh Subscription License page.
The following information appears for each Nasuni Filer in the list:
•
Filer: The name of the Nasuni Filer.
2. Select the Nasuni Filers in the list whose license you want to refresh.
3. Click Update Filers. The Refresh Subscription License dialog box appears.
Figure 8-71: Refresh Subscription License dialog box.
4. To refresh the license of selected Nasuni Filers, click Refresh License.
Alternatively, to exit the dialog box without refreshing the license, click Close.
Nasuni Management Console Guide 7.9
245
Filers Page
Remote Support Service
Remote Support Service
You can view and edit Remote Support Service settings.
The Remote Support Service allows authorized Nasuni Technical Support personnel to remotely and
securely access your Nasuni Filer. This can help Nasuni Technical Support to diagnose and resolve any
issues with your Nasuni Filer quickly and proactively. No changes to your corporate firewalls are
necessary.
This service is disabled by default and is strictly opt-in. You can enable or disable this service at any
time. You can also enable this service for a specific period of time. Enabling this service allows Nasuni
to offer a higher level of service and support.
Tip: If you need technical assistance, contact Nasuni Technical Support and inform them if
you have enabled Remote Support Service.
Note: You receive a notification whenever the Remote Support Service is enabled or
disabled.
Note: If the Remote Support Service is enabled, you can change the Timeout value without
stopping and restarting the Remote Support Service.
Viewing Remote Support Service settings
To view Remote Support Service settings, follow these steps:
1. Click Filers, then click Remote Support in the left-hand column. The Remote Support Service
page displays a list of managed Nasuni Filers.
Figure 8-72: Remote Support Service page.
The following information appears for each Nasuni Filer in the list:
•
Filer: The name of the Nasuni Filer.
•
Remote Support Service: Whether the Remote Support Service is enabled for the Nasuni
Filer: Currently Enabled or Currently Disabled.
•
Timeout: If the Remote Support Service is enabled, the amount of time until the Remote
Support Service becomes disabled. If the Remote Support Service is disabled, the label “No
timeout, unlimited” appears.
•
Nasuni Connected: If the Remote Support Service is currently enabled, whether Nasuni
Technical Support is connected to the Nasuni Filer: Yes (is connected) or No (is not
connected).
Nasuni Management Console Guide 7.9
246
Filers Page
Remote Support Service
Enabling and disabling Remote Support Service
To enable or disable the Remote Support Service, follow these steps:
1. On the Remote Support Service page, select the Nasuni Filers in the list that you want to
enable or disable Remote Support Service for.
2. Click Edit Filers. The Edit Remote Support Service dialog box appears.
Figure 8-73: Edit Remote Support Service dialog box.
3. To enable the Remote Support Service, click Enable Remote Support Service. Selecting On
enables the Remote Support Service. Selecting Off disables the Remote Support Service.
4. If Enable Remote Support is On, the Timeout text box becomes available. Enter the length of
time, in minutes, that you want to permit the Remote Support Service access to be enabled.
Enter 0 (zero) to allow access for an indefinite amount of time.
5. Click Save Settings. The Remote Support Service settings are changed. The Nasuni Filers
appear in the list on the Remote Support Service page. If the Remote Support Service is
enabled with a nonzero Timeout time, a countdown begins.
Alternatively, to exit the dialog box without changing the Remote Support Service settings, click
Close.
Nasuni Management Console Guide 7.9
247
Filers Page
Send Diagnostics
Send Diagnostics
If you experience problems that you cannot resolve, you can send diagnostic information to Nasuni
Technical Support for troubleshooting purposes.
Note: Local diagnostic information is automatically sent when needed, so there is typically no
need to do this, unless instructed to by Nasuni Technical Support. Using Send Diagnostics
includes more information than the automatic diagnostic information.
To send diagnostic information, follow these steps:
1. Click Filers, then select Send Diagnostics from the menu. The Send Diagnostics page
displays a list of managed Nasuni Filers.
Figure 8-74: Send Diagnostics page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
Actions: Actions available for each Nasuni Filer.
2. Click Send Diagnostics. Diagnostic information is sent to Nasuni and the informational
notification “Successfully sent alerts to nasuni.com support team” is sent.
Nasuni Management Console Guide 7.9
248
Filers Page
Side Load
Side Load
Nasuni supports a Disaster Recovery (DR) process that enables you to recover the Nasuni Filer after a
true disaster, such as the loss of a data center. However, most of the time, clients perform the Disaster
Recovery process in order to upgrade from one piece of hardware to another.
In such a situation, there is a working Nasuni Filer in their data center that contains active data in the
cache. Performing the Disaster Recovery process results in a new Nasuni Filer that has an empty
cache. The client often then re-populates the new cache with data, which can require considerable
inbound bandwidth from the cloud, and which can take days, weeks, or even months to complete.
The Side Load feature enables you to transfer cache data directly from the source Nasuni Filer to the
new Nasuni Filer. The source Nasuni Filer must already be decommissioned.
Tip: You cannot perform the Side Load procedure apart from performing the Disaster
Recovery procedure.
Tip: Only one Side Load process is permitted at a time for each Nasuni Filer.
Tip: Only the Admin user can perform the Side Load process.
Tip: The source Nasuni Filer must be:
•
Running;
•
Decommissioned;
•
Using release 7.0 or above.
You can configure Notifications to notify you by email when the Side Load process completes.
To view unprotected files in the cache, see “Unprotected Files” on page 89.
Starting the Side Load process
To start the Side Load process from a source Nasuni Filer to a destination Nasuni Filer, follow these
steps:
1. Click Filers, then click Side Loads in the left-hand column. The Side Loads page displays a list
of Side Load processes for managed Nasuni Filers.
Figure 8-75: Side Loads page.
Nasuni Management Console Guide 7.9
249
Filers Page
Side Load
2. Click Add Side Load. The Add Side Load dialog box appears.
Figure 8-76: Add Side Load page.
3. From the Destination Filer drop-down box, select the Nasuni Filer that is the source of the data
for the
4. In the Host Address text box, enter the host address of the source. The source Nasuni Filer
must already be decommissioned.
5. In the Username text box, enter the username for the specified source Nasuni Filer. The source
Nasuni Filer must already be decommissioned.
6. In the Password text box, enter the password for the specified Username for the specified
source Nasuni Filer. The source Nasuni Filer must already be decommissioned.
7. Click Connect and Start.
A connection is established with the data of the source Nasuni Filer. Data begins moving to the
destination Nasuni Filer.
After the data transfer starts, you can view the progress of the Side Load process.
8. When the Side Load process completes, the Complete label appears.
Tip: Record any information you want to retain from the screen.
Nasuni Management Console Guide 7.9
250
Filers Page
Side Load
Viewing and controlling the Side Load process
To view or control the progress of the Side Load process, follow these steps:
1. Click Filers, then click Side Loads in the left-hand column. The Side Loads page displays a list
of Side Load processes for managed Nasuni Filers.
Figure 8-77: Side Loads page.
The following information appears for each Side Load process in the list:
•
Destination Filer: The Nasuni Filer whose cache you want to move data to.
•
Source Decommissioned Filer: The host address of the source Nasuni Filer. The source
Nasuni Filer must already be decommissioned.
•
Progress: A bar graph indicating the progress of the Side Load process. The percentage of
the Side Load process that is complete appears. If the Side Load process is running, the
Running label appears. If the Side Load process is paused, the Paused label appears. In
addition, the following information appears:
•
•
Data Processed: The amount of data processed (in KB, MB, GB, or TB) and the total
amount of data to process (in KB, MB, GB, or TB).
•
Est. Rate: The estimated rate of data transfer (in KB/S, MB/S, GB/S, or TB/S).
•
Est. Time Remaining: The estimated time until the Side Load process is complete.
Actions: Actions available for each Side Load process.
2. To pause a running Side Load process, click Pause. The Side Load process pauses indefinitely.
The bar graph label changes to Paused.
To continue with the Side Load process after a pause, click Resume. The Side Load process
continues. The bar graph label changes to Running.
3. To cancel the Side Load process, click Cancel. The Cancel Side Load dialog box appears.
Figure 8-78: Cancel Side Load dialog box.
Nasuni Management Console Guide 7.9
251
Filers Page
Side Load
To cancel the Side Load process, click Cancel Side Load. If the Side Load process is canceled,
the bar graph label changes to Canceled.
Tip: Record any information you want to retain from the screen.
4. When the Side Load process completes, the Complete label appears on the bar graph.
Tip: Record any information you want to retain from the screen.
Nasuni Management Console Guide 7.9
252
Filers Page
Cache Jobs
Cache Jobs
You can view the status of jobs that bring data or metadata into the cache, such as Bring into Cache
(see “Bringing Data into Cache of the Nasuni Filer” on page 80) and Auto Cache (see “Enabling Auto
Cache for Folders” on page 83). You can also cancel jobs that are unnecessary.
To view unprotected files in the cache, see “Unprotected Files” on page 89.
Viewing cache jobs
To view cache jobs, follow these steps:
1. Click Filers, then click Cache Jobs in the left-hand column. The Filer Cache Jobs page
displays a list of cache jobs.
Figure 8-79: Filer Cache Jobs page.
The following information appears for each cache job:
•
Filer: The name of the Nasuni Filer where this cache job is occurring.
•
Volume: The name of the volume on which this cache job is occurring.
•
Path in Volume: The path in the volume to the data moving to the cache.
•
Type: The type of cache job, such as Manual (for Bring into Cache) or Auto (for Auto
Cache).
•
Data/Metadata: An indication whether data or metadata is moving to the cache.
•
Number of Items: The number of items to transfer.
•
Actions: Actions available for this cache job.
•
Status: The status of this cache job.
2. To cancel a running cache job in the list, click Cancel. A dialog box appears. Confirm that you
want to cancel the job.
The job is canceled.
Nasuni Management Console Guide 7.9
253
Filers Page
CIFS Clients
CIFS Clients
You can view the status of Nasuni Filer CIFS clients. You can also disconnect the CIFS client, reset
CIFS clients, and reset the CIFS authorization cache.
Viewing CIFS clients
To view CIFS clients, follow these steps:
1. Click Filers, then click CIFS Clients in the left-hand column. The Filer CIFS Clients page
appears.
Figure 8-80: Filer CIFS Clients page.
The following information appears for each CIFS client:
•
Filer: The name of the Nasuni Filer.
•
Share: Name of the CIFS share.
•
User: The name of the connected user.
•
Client: The hostname or IP address of the client.
•
Client Name: The name of the client.
•
Actions: Actions available for each CIFS client.
Nasuni Management Console Guide 7.9
254
Filers Page
CIFS Clients
Disconnecting clients from a share
You can disconnect a CIFS client connected to a CIFS share of the Nasuni Filer.
Note: Some CIFS clients automatically re-connect to CIFS shares and can then re-appear in
the listing even after disconnecting them.
To disconnect a CIFS client:
1. On the Filer CIFS Clients page, click Disconnect
appears.
. The Disconnect Client dialog box
Figure 8-81: Disconnect Client dialog box.
2. Click Disconnect Client to disconnect the CIFS client from the share.
Alternatively, to exit this screen without disconnecting the client, click the Close button.
Resetting the CIFS Authentication Cache
Reset authentication cache
You can reset the CIFS authentication cache to clear all CIFS shares for Nasuni Filer users. You might
reset the CIFS authentication cache if instructed by Nasuni Support, or if users are not appearing in a
group they are assigned to via Active Directory or LDAP Directory Services.
To reset the CIFS authentication cache, follow these steps:
1. On the Filer CIFS Clients page, click Reset CIFS Auth Cache. The Reset CIFS Auth Cache
dialog box appears.
2. Select the Nasuni Filers whose CIFS authentication cache you want to reset. Then click Reset
Auth Cache.
This flushes all the cached CIFS authentication data. Alternatively, to not reset the CIFS authentication
cache, click Close.
Nasuni Management Console Guide 7.9
255
Filers Page
CIFS Clients
Resetting All CIFS Clients
Reset clients
You can reset all CIFS clients connected to the Nasuni Filer. You might reset all CIFS clients if
instructed by Nasuni Support, or to remove clients.
To reset all CIFS clients, follow these steps:
1. On the Filer CIFS Clients page, click Reset All Clients. The Reset All Clients dialog box
appears.
2. Select the Nasuni Filers whose CIFS clients you want to reset. Then click Reset Clients.
This resets all CIFS clients for the selected Nasuni Filers. Alternatively, to not reset all CIFS clients, click
Close.
Note: Some CIFS clients automatically re-connect to CIFS shares and can then re-appear in
the listing even after the connection is reset.
Nasuni Management Console Guide 7.9
256
Filers Page
CIFS File Locks
CIFS File Locks
You can view the status of CIFS file locks.
Viewing file locks
To view file locks, follow these steps:
1. Click Filers, then click CIFS File Locks in the left-hand column. The Filer CIFS File Locks page
appears.
Figure 8-82: Filer CIFS File Locks page.
The following information appears for each CIFS client:
•
Filer: The name of the Nasuni Filer.
•
Share: Name of the CIFS share.
•
Client: The hostname or IP address of the client.
•
Path: The path in the share to each file lock.
•
Type: The type of file lock, such as RDONLY, RDWR, or WRONLY.
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
filer: Matches values in the Filer field.
•
share: Matches values in the Share field.
•
client: Matches values in the Client field.
•
path: Matches values in the Path field.
•
type: Matches values in the Type field.
Disconnecting file locks
You can disconnect existing CIFS file locks.
To disconnect a CIFS file lock, click Disconnect for the CIFS file lock that you want to disconnect.
Nasuni Management Console Guide 7.9
257
Filers Page
FTP clients
FTP clients
You can view the status of FTP/SFTP clients.
Tip: In order to access data using the FTP/SFTP protocol, the following steps are necessary:
1. Create a CIFS or NFS volume. See “Create Volume” on page 64.
2. Enable the FTP protocol on the volume. See “Enabling multiple volume protocols” on
page 139.
3. (Optional) Configure FTP/SFTP settings. See “Editing FTP settings” on page 202.
4. Add a new FTP/SFTP directory. See “Creating FTP directories” on page 102.
5. (Optional) Create a permission group that has storage access. See “Adding Permission
Groups” on page 350 in the Nasuni Filer Administration Guide.
6. (Optional) Create a user in a permission group that has storage access. See “Adding Users”
on page 356 in the Nasuni Filer Administration Guide. Active Directory and LDAP users can
log in for FTP access just as they do for CIFS access. Also, if anonymous access is enabled,
you don't need a specific group or user.
7. Access files using the FTP/SFTP protocol.
Viewing FTP clients
To view FTP/SFTP clients, follow these steps:
1. Click Filers, then click FTP in the left-hand column. The Filer FTP Clients page displays a list of
managed Nasuni Filers.
Figure 8-83: Filer FTP Clients page.
The following information appears for each managed Nasuni Filer:
•
Filer: The name of the Nasuni Filer.
•
Protocol: The protocol of the client: FTP or SFTP.
•
Client: The hostname or IP address of the client.
•
User: The user name of the user with access to the client.
Nasuni Management Console Guide 7.9
258
Filers Page
FTP clients
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
filer: Matches values in the Filer field.
•
protocol: Matches values in the Protocol field.
•
client: Matches values in the Client field.
•
user: Matches values in the User field.
Disconnecting FTP clients
To disconnect FTP/SFTP clients, follow these steps:
1. Click Filers, then click FTP in the left-hand column. The Filer FTP Clients page displays a list of
managed Nasuni Filers.
Figure 8-84: Filer FTP Clients page.
2. For the FTP/SFTP client you want to disconnect, click Disconnect
dialog box appears.
. The Disconnect Client
3. To disconnect the client, click Disconnect Client. Otherwise, click Close.
Nasuni Management Console Guide 7.9
259
Filers Page
Filer Heuristics
Filer Heuristics
Chart
For all Nasuni Filers or for each Nasuni Filer, you can view the number of each type of file and the
number of each size of file stored using the Nasuni Management Console. These metrics can be useful
for planning storage.
To view file metrics:
1. Click Filers, then select Heuristics from the list. The Filer Heuristics page appears.
Figure 8-85: Filer Heuristics page.
This page displays charts and tables of File Types in snapshots and File Sizes in snapshots.
Nasuni Management Console Guide 7.9
260
Filers Page
Filer Heuristics
2. From the Filer drop-down list, select All Filers or the specific Nasuni Filer you want heuristics
for.
Data Growth chart
A chart of Data Growth appears.
This shows the amount of Licensed data and the amount of Accessible data on the vertical axis versus
time along the horizontal axis. The amount of data is shown in units such as MB, GB, and TB. The
length of time is shown by year and month.
To select or unselect accessible data, click Accessible Data. Accessible data includes data already
protected in the cloud, as well as data in the cache that is not yet protected. To select or unselect
licensed data, click Licensed.
If you hover the mouse over any part of the chart, a label appears displaying details about the amount
of data at that date and time.
Figure 8-86: Details of data and time on Data Growth chart.
To zoom in on a specific range of displayed data, click the chart at the high end of the range you want,
then drag to the low end of the range you want, then release. The chart rescales to zoom in on the
selected range.
To reset the zoom to the default display, click Reset zoom.
File Types Written
On the left side of the page is a pie chart displaying the percentage of files in the most common
categories. Files are categorized by extension. For example, the Text category includes files
with the extensions .doc, .rtf, and .txt. If you hover the mouse over one of the pie sections, it
displays the name of the category and the number of files in that category.
Below the pie chart is a table displaying the number of files with the most frequent file
extensions. You can sort this table by clicking EXT., CATEGORY, COUNT, or SIZE. Statistics
appear for the most frequent 50 extensions.
File Sizes in snapshots
On the right side of the page is a bar chart displaying the number of files in each size category,
with the size of the files along the vertical axis and the number of files in each size category
along the horizontal axis. If you hover the mouse over one of the bars, it displays the name of
the size category and the number of files in that category.
On the bottom right side of the page is a table displaying the number of files in each of the size
categories. You can sort this table by clicking MAX SIZE or COUNT.
Nasuni Management Console Guide 7.9
261
Filers Page
iSCSI status
iSCSI status
You can view the status of iSCSI targets and initiators.
Viewing iSCSI targets and initiators
To view iSCSI targets and initiators, follow these steps:
1. Click Filers, then click iSCSI in the left-hand column. The Filer iSCSI Status page displays a list
of managed Nasuni Filers.
Figure 8-87: Filer iSCSI Status page.
The following information appears for each iSCSI target:
•
Filer: The name of the Nasuni Filer.
•
Volume: The iSCSI volume on the Nasuni Filer.
•
Target IQN: The target IQN (iSCSI Qualified Name) of the iSCSI volume, in this format:
•
“iqn.”
•
Date that the naming authority took ownership of the domain, in yyyy-mm format.
•
“.”, followed by the reversed domain name of the authority, such as com.nasuni.
•
“:”, followed by a storage target name specified by the naming authority.
Example: iqn.2008-11.com.nasuni:filer.nasuni.net:51
•
LUN Size: Size of the iSCSI volume.
The following information appears for each iSCSI initiator:
•
Filer: The name of the Nasuni Filer.
•
Initiator IQN: The initiator IQN (iSCSI Qualified Name).
•
Target IQN: The target IQN (iSCSI Qualified Name) of the iSCSI volume.
•
Hostname: The hostname of the iSCSI initiator.
•
Addresses: IP address of the iSCSI initiator.
•
Target Volume: Target volume of the iSCSI initiator.
Nasuni Management Console Guide 7.9
262
Filers Page
Network
Network
You can view network settings of Nasuni Filers.
The network address configuration is initially set during installation of the Nasuni Filer. However, you
can change network settings as required.
Viewing network settings
To view network settings, follow these steps:
1. Click Filers, then click Network Settings in the left-hand column. The Filer Network Settings
page displays a list of managed Nasuni Filers.
Figure 8-88: Filer Network Settings page.
The following information appears for each managed Nasuni Filer:
•
Filer: The name of the Nasuni Filer.
•
•
Hostname: The hostname of the Nasuni Filer.
IP Addresses: The IP addresses of the Nasuni Filer. Clicking the link opens a new window
with the Nasuni Filer user interface.
Note: High-availability hardware appliance Nasuni Filers have two IP addresses.
•
Default Gateway: The IP address of the default gateway of the Nasuni Filer.
•
DNS Servers: The IP addresses of the DNS servers of the Nasuni Filer.
•
Search Domains: The search domains for the Nasuni Filer.
•
Details: Additional information about the network, including the following:
•
Network: Number of groups and number of NICs (network interface cards). Clicking
Group or NIC opens the Network Details box.
•
Firewall: Link to the Firewall Settings dialog box.
•
Proxy: Whether an HTTPS proxy server is enabled: Enabled or Disabled.
Nasuni Management Console Guide 7.9
263
Filers Page
Network
2. For the selected Nasuni Filer, in the Details column, click Group or NIC to open the Network
Details dialog box.
Figure 8-89: Network Details dialog box.
The following information appears for each traffic group:
•
Name: Name of the traffic group.
•
Devices: The devices included in the traffic group.
•
Type: The network type: Static or DHCP.
•
IP Address: The IP address in IPv4 (Internet Protocol version 4) dotted decimal format. For
Azure-based and EC2-based Nasuni Filers, this is the Internal IP Address. If you're running
other machines on the EC2 or Azure platforms, you can communicate using the Internal IP
Address instead of the publicly accessible address.
•
Netmask: Subnet mask of the IP address.
•
MTU: The MTU (maximum transmission unit) value indicates the maximum size of each
block of information that can be sent without the data becoming fragmented.
The following information appears for each physical port:
•
Port: Name of the port.
•
MAC Address: Media Access Control address (MAC address) of the port.
•
Carrier: Indicates whether the network interface card (NIC) senses a carrier signal on the
Ethernet cable: yes or no.
•
Speed: Speed of the port.
•
Duplex: Type of duplex.
Click Close to close the dialog box.
Nasuni Management Console Guide 7.9
264
Filers Page
Network
3. For the selected Nasuni Filer, in the Details column, click View Details link to open the Firewall
Settings dialog box.
Figure 8-90: Firewall Settings dialog box.
The following information appears:
•
Allowed GUI Hosts: A list of IP addresses or subnet addresses of hosts that you permit to
access your Nasuni Filer user interface. If any host can access your Nasuni Filer user
interface, the label “Any Host” appears.
•
Allowed SSH Hosts: A list of IP addresses or subnet addresses of hosts that you permit to
access your Nasuni Filer’s Support SSH port. If any host can access your Nasuni Filer’s
Support SSH port, the label “Any Host” appears.
The following information appears for each traffic group:
•
Traffic Group: Name of the traffic group.
•
Policy: The access policy for the traffic group.
•
Allowed Protocols: The protocols allowed for the traffic group.
Click Close to close the dialog box.
Nasuni Management Console Guide 7.9
265
Filers Page
Pending Updates
Pending Updates
You can view pending updates to Nasuni Filers. You can acknowledge warnings about pending
updates.
Viewing pending updates
To view pending updates, follow these steps:
1. Click Filers, then click Pending Updates in the left-hand column. The Outstanding Settings
Updates Filers page displays a list of pending updates.
Figure 8-91: Outstanding Settings Updates Filers page.
The following information appears for each pending update:
•
Setting Change: The setting whose change is pending.
•
Filer: The name of the Nasuni Filer where this change is pending.
•
Initiated By: The user who initiated this pending change.
•
Sent Time: The date and time when the change was initiated.
•
Status: The status of the pending update. If there is a problem with the attempted action, a
caution symbol
appears. Hover the mouse over the symbol for more information.
Acknowledging pending updates
To acknowledge pending updates, follow these steps:
1. On the Outstanding Settings Updates Filers page, for the pending update you want to
acknowledge, hover the mouse over the Status symbol. A message appears.
Figure 8-92: Sample message.
2. To acknowledge the message and remove the pending update from the list, click
Acknowledge. The pending update is removed from the list.
Alternatively, to exit the message without acknowledging the message or removing the pending
update, move the mouse away from the Status symbol. The message no longer appears.
Nasuni Management Console Guide 7.9
266
Filers Page
Platform Settings
Platform Settings
You can view the status and settings of Nasuni Filers running on virtual machines as well as Nasuni
Filer hardware appliance.
Viewing hardware and virtual machine information
To view hardware and platform information, follow these steps:
1. Click Filers, then click Platform in the left-hand column. The Filer Platform Details page
displays a list of managed Nasuni Filers.
Figure 8-93: Filer Platform Details page.
The following information appears for each managed Nasuni Filer on a virtual platform:
•
Filer: The name of the Nasuni Filer.
•
Platform: The virtual or hardware platform of the Nasuni Filer, such as VMware ESX, HyperV, or NF-200.
•
CPU Model: The specific model of CPU.
•
HW Serial (for Nasuni Filer hardware appliances only): The serial number of the
hardware appliance.
•
BIOS Firmware (for Nasuni Filer hardware appliances only): The version number of the
BIOS firmware.
Tip: You can update the firmware of Nasuni Filer hardware appliances using
commands from the Service menu of the console for the Nasuni Filer.
•
BMC Firmware (for Nasuni Filer hardware appliances only): The version number of the
hardware appliance’s BMC (baseboard management controller) firmware.
Tip: You can update the firmware of Nasuni Filer hardware appliances using
commands from the Service menu of the console for the Nasuni Filer.
•
CPU: The CPU frequency in GHz.
•
sockets: The number of CPU sockets.
•
cores: The number of CPU cores.
Nasuni Management Console Guide 7.9
267
Filers Page
Platform Settings
•
Memory: The amount of available RAM in GiB.
•
Cache: The size of the local cache.
•
Sensors (for Nasuni Filer hardware appliances only): Sensor information for the platform.
•
•
Power Supplies: The status of the power supplies. If the status is Alert, you should
investigate the situation.
•
Ambient Temp (for Nasuni Filer hardware appliances only): The ambient temperature in
Celsius and Fahrenheit.
•
Exhaust Temp (for Nasuni Filer hardware appliances only): The exhaust temperature in
Celsius and Fahrenheit.
•
Inlet Temp (for Nasuni Filer hardware appliances only): The inlet temperature in Celsius
and Fahrenheit.
RAID (for Nasuni Filer hardware appliances only): RAID information for Nasuni Filer
hardware appliances only.
•
Battery: Status of the battery for the RAID array. If the status is Alert, you should
investigate the situation.
•
Arrays: Number of RAID arrays and status of the RAID arrays. If the status is Alert, you
should investigate the situation.
•
Disks: Number of disks and status of the disks. If the status is Alert, you should
investigate the situation.
•
Firmware: The version number of the hardware appliance’s RAID firmware.
Tip: You can update the firmware of Nasuni Filer hardware appliances using
commands from the Service menu of the console for the Nasuni Filer.
•
FDE: If Full Disk Encryption is enabled in the client license for a Nasuni Filer, the status
of Full Disk Encryption appears: Enabled or Not Enabled.
Nasuni Management Console Guide 7.9
268
Filers Page
Platform Settings
2. For high-availability hardware appliance Nasuni Filers, click the Platform link. The Nasuni Filer
HA Status dialog box opens.
Figure 8-94: HA Status dialog box.
The following information appears in the Total System Status area for each node:
•
Online status: Indicates whether the node is Online or Offline.
•
Active status: Indicates whether the node is the Active node or the Standby node.
The following information appears in the Standby Node Status area:
•
Hardware Model: The model of the high-availability hardware appliance.
•
CPU Count: The number of CPUs in the standby node.
•
CPU Cores: The number of CPU cores per CPU in the standby node.
•
CPU Frequency: The CPU frequency in GHz.
•
CPU Model: The specific model of CPU.
•
System RAM: The total amount of system RAM in GiB.
•
Serial Number: The serial number of the standby node.
•
Power Supplies: The number of power supplies in the standby node.
•
Power Supply Status: The current status of the standby node power supplies. If the status
is Alert, you should investigate the situation.
•
Inlet Temperature: The standby node inlet temperature in Celsius and Fahrenheit.
•
Exhaust Temperature: The standby node exhaust temperature in Celsius and Fahrenheit.
Nasuni Management Console Guide 7.9
269
Filers Page
Platform Settings
The following information appears in the Node RAID Disks area:
•
Location: Location of the disk in the hardware appliance.
•
Size: Size of the disk.
•
Hardware ID: The hardware identification number of the disk.
•
Status: Status of the disk. If the status is Alert, you should investigate the situation.
Nasuni Management Console Guide 7.9
270
Filers Page
Security Settings
Security Settings
You can view security settings for Nasuni Filers.
The Security mode controls who can access CIFS files and folders that the Nasuni Filer is managing.
The following security modes are available:
•
Publicly Available: (Default) The Publicly Available mode gives access to CIFS shares to all
network users. You can configure write access and specific client access.
•
Active Directory: Active Directory provides a connection to an existing Windows Active
Directory server, so you can control CIFS share access based on the users and groups that an
Active Directory server manages.
•
LDAP Directory Services: LDAP Directory Services provides authentication using LDAP
domains and Kerberos security.
Important: You cannot enable both Active Directory and LDAP Directory Services for a
Nasuni Filer.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
Viewing security settings
To view security settings, follow these steps:
1. Click Filers, then click Security Settings in the left-hand column. The Filer Security Settings
page displays a list of managed Nasuni Filers.
Figure 8-95: Filer Security Settings page.
The following information appears for each managed Nasuni Filer:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
Security Mode: The security mode of the Nasuni Filer: Active Directory, LDAP Directory
Services, Publicly Available, or Unknown.
•
Source Domains (Active Directory or LDAP Directory Services only): The source domains
for Active Directory or LDAP Directory Services.
•
NT Name (Active Directory only): The NT Name of the Active Directory domain.
•
Enabled (Active Directory only): Whether the Active Directory domain is enabled: Yes (is
enabled) or No (is not enabled).
•
Provider (LDAP Directory Services only): The Directory Services Provider that matches
your LDAP and Kerberos servers, such as FreeIPA, Generic LDAP/Kerberos, or Apple
OpenDirectory.
Nasuni Management Console Guide 7.9
271
Filers Page
•
Security Settings
•
LDAP Servers (LDAP Directory Services only): The IP addresses or hostnames of the
LDAP servers for the Nasuni Filer to connect to.
•
KDCs (LDAP Directory Services only): The IP addresses or hostnames of the Kerberos
Key Distribution Center (KDC) servers for the Nasuni Filer to connect to.
Currently joined: Whether the Nasuni Filer is currently joined to the Active Directory or
LDAP Directory Services primary domain: Yes (is joined) or No (is not joined).
Nasuni Management Console Guide 7.9
272
Filers Page
Shared Link Status
Shared Link Status
You can view the status of shared links.
A shared link is a secure, signed URL that points to a specific file or folder within Web Access. This can
be useful for providing a trusted partner or contractor with secure access to a folder or file that they do
not have credentials to access directly. For more details on shared links, see “Shared Links” on
page 159 in the Nasuni Filer Administration Guide.
You can control how long until the shared link expires, whether a password is required, and who is
allowed to create shared links. To enable and configure shared links within Web Access, see “Web
Access Settings” on page 119.
Viewing shared links
To view shared links, follow these steps:
1. Click Filers, then click Shared Links in the left-hand column. The Filer Shared Links page
displays a list of shared links for managed Nasuni Filers.
Figure 8-96: Filer Shared Links page.
The following information appears for each shared link:
•
Filer: The name of the Nasuni Filer.
•
Path: The path that the shared link refers to on the volume on the Nasuni Filer.
•
Key: The key that signs the URL of the shared link.
•
Share: The CIFS share that the shared link refers to.
•
Type: The type of item that the shared link refers to, such as File or Directory.
•
Create Time: The date and time that the shared link was created.
•
Expires: The date and time that the shared link expires on. You can change this using Web
Access.
•
Writable: For a directory, indicates whether the shared link permits writing data to the
directory: Yes or No. You can change this by editing the CIFS share.
•
Password Protected: Indicates whether a password must be entered to use the shared
link: Yes or No. You can change this by editing the CIFS share.
•
Username: The username for Web Access.
Nasuni Management Console Guide 7.9
273
Filers Page
Shared Link Status
Deleting shared links
Deleting a shared link ends access using that shared link immediately. You can delete a shared link at
any time.
To delete shared links, follow these steps:
1. On the Filer Shared Links page, select the shared links that you want to delete.
2. Click Delete
. The Delete Shared Links dialog box appears.
3. Click Delete Shared Links. The selected shared links are deleted. The list of shared links
changes on the Filer Shared Links page.
Alternatively, to exit the dialog box without deleting shared links, click Close.
Nasuni Management Console Guide 7.9
274
Filers Page
Shutdown and Reboot
Shutdown and Reboot
You can shut down and reboot Nasuni Filers.
When you shut down the Nasuni Filer, all users are disconnected from the system, and data is not
accessible during the shutdown process. You can choose to shut down the Nasuni Filer immediately,
or to perform a snapshot before shutting down.
Tip: Consider performing a snapshot before shutting down the Nasuni Filer.
Note: When a reboot is requested, a notification is logged that the reboot was requested and
by whom the reboot was requested.
To shut down a Nasuni Filer, follow these steps:
1. Click Filers, then select Shutdown & Reboot from the menu. The Shutdown and Reboot page
displays a list of managed Nasuni Filers.
Figure 8-97: Shutdown and Reboot page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
Actions: Actions available for each Nasuni Filer.
Nasuni Management Console Guide 7.9
275
Filers Page
Shutdown and Reboot
2. Click Shutdown/Reboot. The Initiate Shutdown/Reboot dialog box appears.
Figure 8-98: Initiate Shutdown/Reboot dialog box.
3. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
4. Select one of the following options:
•
Perform snapshot before shutting down: Performs a snapshot before shutting down. This
ensures that data is fully protected in cloud storage before shutting down. However, this
process can take considerable time, depending on the size of the cache and the amount of
changed and new data in the cache.
Tip: On the Windows Azure virtual platform, virtual machines that have been shut
down continue to incur compute charges. To avoid these charges, use the Windows
Azure Management Portal at https://manage.windowsazure.com/ to stop or
delete the virtual machines.
•
Shut down immediately: (Default) Shuts down the Nasuni Filer without performing a
snapshot. Data that has not already been captured by a snapshot is not protected in cloud
storage. However, data in the cache is not lost. A message notifies you that the system is
shutting down. If you change your mind, you have 60 seconds to cancel the shutdown.
Tip: On the Windows Azure virtual platform, virtual machines that have been shut
down continue to incur compute charges. To avoid these charges, use the Windows
Azure Management Portal at https://manage.windowsazure.com/ to stop or
delete the virtual machines.
•
Reboot immediately: Reboots the Nasuni Filer without performing a snapshot.
Note: On a high availability hardware appliance Nasuni Filer, rebooting this node
triggers a failover to the other high availability node, if that node is online.
Nasuni Management Console Guide 7.9
276
Filers Page
•
Shutdown and Reboot
Reboot and perform a filesystem check: Reboots the Nasuni Filer and forces a file system
check (fsck) on the cache disk when the system reboots.
Note: On a high availability hardware appliance Nasuni Filer, rebooting this node
triggers a failover to the other high availability node, if that node is online.
Note: File system checks (using fsck) are necessary at least every six months.
However, a file system check might take hours to complete (depending on the size of
the cache) and might impact normal operations. To determine if a file system check is
actually necessary, the Nasuni Filer periodically performs a background test. If this
background test determines that a file system check is not necessary, the next file
system check is postponed for another six months. However, if the background test
determines that a file system check is necessary, you receive an alert suggesting that
you perform a reboot and a file system check. This allows you to select a time for
performing a reboot with a file system check that does not impact normal operations.
Even if you don’t receive such an alert, you can choose to perform a reboot with a file
system check, for example, if you want to proactively verify the integrity of the cache,
such as after an unexpected power loss.
Tip: If your Nasuni Filer is a Nasuni Filer hardware appliance or runs in a VMware ESXi
environment or Microsoft Hyper-V environment, you can also force a file system check
(fsck) by holding down the Shift key during a reboot. When the file system check
(fsck) is done, the usual processing continues.
5. Click Update. The selected Nasuni Filers shut down or reboot, as specified.
Alternatively, to exit the dialog box without shutdown or reboot, click Close.
Nasuni Management Console Guide 7.9
277
Filers Page
Software Updates
Software Updates
You can view the currently available Nasuni Filer software updates, and update the software.
When a newer version of the Nasuni Filer software is available for installation, you can update the
software from the Nasuni Management Console. When you update your software, your Nasuni Filer is
updated to the newer version.
Caution: Updating the software disconnects all users currently using the Nasuni Filer.
The system can take several minutes to reboot. The time to reboot can be longer if onetime upgrade operations are necessary.
Note: Nasuni does not recommend applying software updates during your normal business
hours, because this can disrupt access. Apply software updates at night or on weekends.
Tip: Review the release notes of all releases between your current release and the most
recent release. See “Viewing the Nasuni Management Console Release Notes” on page 36
for details.
Viewing Nasuni Filer software updates
To view Nasuni Filer software updates, follow these steps:
1. Click Filers, then click Software Updates in the left-hand column. The Filer Software Updates
page displays a list of managed Nasuni Filers.
Figure 8-99: Filer Software Updates page.
The following information appears for each Nasuni Filer in the list:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
Current Version: The current version of the software running on the Nasuni Filer. If an
update is available, the label “Update Available” appears.
•
Available Version: The highest currently available version of the Nasuni Filer software. If the
highest currently available version of the Nasuni Filer software is already running on the
Nasuni Filer, the label “No updates available” appears.
2. To force a check for available software updates, click Check for Updates. A check for updates
is done for all Nasuni Filers in the list.
Nasuni Management Console Guide 7.9
278
Filers Page
Software Updates
Updating Nasuni Filer software
Tip: If a Nasuni Filer is joined to a Nasuni Management Console, update the Nasuni
Management Console software before updating the Nasuni Filer software.
To update the Nasuni Filer software, follow these steps:
1. On the Filer Software Updates page, select the Nasuni Filers in the list whose software you
want to update.
2. Click Update Filers. The Update Filer dialog box appears.
Figure 8-100: Update Filer dialog box.
3. To confirm that you want to update the software, enter a Username (case-sensitive) and
Password (case-sensitive) that has permission to perform this operation.
4. Click Update. The software on the selected Nasuni Filers is updated. The Nasuni Filers appear
in the list on the Filer Software Updates page.
Alternatively, to exit the dialog box without updating the software, click Close.
Nasuni Management Console Guide 7.9
279
Filers Page
System Alerts
System Alerts
Edit
You can configure Nasuni Filers to issue alerts for the following conditions:
•
CPU usage exceeds a specified threshold for more than a specified time.
•
Memory usage exceeds a specified threshold for more than a specified time.
•
Snapshots do not occur for more than a specified time.
To view charts of CPU activity and memory usage, see “CPU Activity” on page 183 and “Memory
Usage” on page 183.
To configure alerts, follow these steps:
1. Click Filers, then select System Alerts from the list on the left-hand side. The Filer System
Alerts page displays a list of managed Nasuni Filers.
Figure 8-101: Filer System Alerts page.
The following information appears for each Nasuni Filer in the list:
•
Enabled Alerts: The alerts that are enabled for that Nasuni Filer. These include the
following:
•
CPU Alert: The alarm is issued if the CPU usage exceeds the specified Threshold for the
specified Duration.
•
Memory Usage Alert: The alarm is issued if the memory usage exceeds the specified
Threshold for the specified Duration.
•
Snapshot Alert: The alarm is issued if the volume has no snapshots for the specified
Duration.
•
Threshold: For CPU Alerts and Memory Usage Alerts, the threshold for the alert.
•
Duration: The duration of the alert condition.
2. On the Filer System Alerts page, select the Nasuni Filers in the list whose alerts you want to
configure.
Nasuni Management Console Guide 7.9
280
Filers Page
System Alerts
3. Click Edit Items. The System Alerts dialog box appears.
Figure 8-102: System Alerts dialog box.
4. To copy the System Alerts settings from a Nasuni Filer, select the Nasuni Filer from the Copy
Settings drop-down list. The System Alerts settings of the selected Nasuni Filer appear in the
dialog box.
5. To set a CPU usage alert, select the Enabled switch to On. Enter a Threshold as a percentage
of CPU usage. Enter a Duration, in minutes. The alarm is issued if the CPU usage exceeds the
specified Threshold for the specified Duration.
6. To set a memory usage alert, select the Enabled switch to On. Enter a Threshold as a
percentage of memory usage. Enter a Duration, in minutes. The alarm is issued if the memory
usage exceeds the specified Threshold for the specified Duration.
7. To set a snapshot alert, select the Enabled switch to On. Enter a Duration, in days. The alarm is
issued if the volume has no snapshots for the specified Duration.
8. Click Save Alerts.
Nasuni Management Console Guide 7.9
281
Filers Page
SSL Certificates
SSL Certificates
You can view information about SSL certificates.
By default, the Nasuni Filer is preloaded with a self-signed SSL certificate that is unique to the Nasuni
Filer.
You can also use other SSL certificates to manage the Nasuni Filer.
Note: If something ever goes wrong with the certificates and you are unable to access the
Nasuni Filer user interface, use the service menu console on your hardware appliance or
virtual machine to enter the resetguicert command to reset the certificate to the default
self-signed certificate.
Viewing SSL certificate information
To view SSL certificate information, follow these steps:
1. Click Filers, then click SSL Certificates in the left-hand column. The SSL Certificates page
displays a list of managed Nasuni Filers.
Figure 8-103: SSL Certificates page.
The following information appears for each managed Nasuni Filer:
•
Description: The description of the Nasuni Filer. You can change the description, as
detailed in “Nasuni Filer Description” on page 203.
•
SSL Certificates: A list of the SSL certificates of the Nasuni Filer. Each SSL certificate is
labeled either “Currently in use by the Filer web-based user interface.” or “Can be enabled
for use by the Filer web-based user interface.”.
Nasuni Management Console Guide 7.9
282
Chapter 9: Account Status Page
Account Status
On the Account Status page, you can view account information and refresh the license. You can also
view serial numbers and authorization codes for Nasuni Filers.
Viewing account status
Click Account Status. The Account Status page displays information about the account.
Figure 9-1: Account Status page.
In the Account area, the following information appears:
•
Account: Name of the account.
•
Serial Number: The serial number for this subscription.
•
Subscription: Subscription mode, such as Standard, Trial, Manual, or Monthly.
•
Expires: The date on which the subscription expires, and how long until that date.
In the Filers area, the following information appears:
•
Max Filers: Maximum number of Nasuni Filers allowed for this subscription.
•
Max Volumes: Maximum number of volumes for each Nasuni Filer allowed for this subscription.
Nasuni Management Console Guide 7.9
283
Account Status Page
Account Status
In the Remote Access area, the following information appears:
•
Max Volumes: Maximum number of volumes for remote access allowed for this subscription.
•
Max Group Size: Maximum size of group for remote access allowed for this subscription.
In the Storage area, the following information appears:
•
Capacity: Total capacity licensed.
Note: If the licensed capacity is exceeded, you can still store more data temporarily. If
your total stored data nears or exceeds your licensed capacity, you receive warnings to
increase your licensed capacity.
•
Used: The amount of the usable capacity actually in use.
•
Available: The amount of the usable capacity still available for use.
•
Estimated Cloud Usage: If the customer license includes private cloud providers, and if the
amount of data stored with private cloud providers is greater than zero, the Estimated Cloud
Usage data is also available.
Refreshing license
Licenses automatically refresh every 24 hours. However, you can manually refresh the license by
clicking Refresh License.
The message “Successfully updated license.” appears. Click the x to close this message box.
Nasuni Management Console Guide 7.9
284
Account Status Page
Serial Numbers
Serial Numbers
On the Serial Numbers page, you can view and obtain the serial numbers associated with your Nasuni
account for Nasuni Filers and the NMC. You need serial numbers and authorization codes to install or
recover Nasuni Filers.
Viewing serial numbers and authorization codes
On the Account Status page, click Serial Numbers. The Serial Numbers page displays serial
numbers and authorization codes.
Figure 9-2: Serial Numbers page.
The following information appears:
•
Serial Number: The serial number.
•
Auth Code: The 6-letter authorization code.
•
Actions: Actions available for this serial number. You can refresh the Auth Code by clicking
Refresh.
•
Type: The type of serial number: Filer or NMC.
•
Description: The description of the Filer or NMC for this serial number.
•
Version: The version of the Nasuni Filer or NMC for this serial number.
Nasuni Management Console Guide 7.9
285
Chapter 10: Console Settings Page
On the Console Settings page, you can view an overview of the configuration of the Nasuni
Management Console.
From the Console Settings page, you can also perform the following actions:
•
Schedule automatic updates of the Nasuni Management Console software.
•
Change the description of the Nasuni Management Console.
•
Configure email settings for Nasuni Filers and the Nasuni Management Console.
•
Configure SNMP settings for the Nasuni Management Console.
•
Configure time servers for the Nasuni Management Console.
•
Configure Directory Services for Active Directory and LDAP Directory Services.
•
Manage encryption keys.
•
Review SSL certificates for the Nasuni Management Console.
•
Manage users and groups for the Nasuni Management Console.
•
Configure the firewall for the Nasuni Management Console.
•
Configure network settings for the Nasuni Management Console.
•
Configure proxy server settings for the Nasuni Management Console.
•
Update the Nasuni Management Console software.
•
Configure remote support settings for the Nasuni Management Console.
•
Send diagnostic information to Nasuni Technical Support about the Nasuni Management
Console.
Nasuni Management Console Guide 7.9
286
Console Settings Page
Configuration Overview page
Configuration Overview page
Click Console Settings. The Configuration Overview page displays.
Figure 10-1: Configuration Overview page.
This page serves as a dashboard for the status of the Nasuni Management Console.
In the Console Settings area, the following information appears:
•
Description: The description of the Nasuni Management Console.
•
Automatic Updates: The days of the week and the time on which to look for automatic
software updates. If no days are selected to look for automatic software updates, then
automatic software updates are disabled.
•
Email Settings: If email alerts are enabled, indicates destination email addresses to which to
send alerts. If email alerts are configured but not enabled, the status is “Email alerts configured
but disabled”. If email alerts are not configured, the status is “Email alerts not configured”.
•
SNMP Monitoring: Indicates whether SNMP monitoring is enabled or disabled.
•
Time Zone: The configured time zone.
•
Time Servers: The configured Network Time Protocol (NTP) servers.
To change any of these settings, click the setting. The appropriate page opens.
In the Users & Security area, the following information appears:
•
Encryption Keys: The number of encryption keys currently in use.
•
SSL Certificates: The number of SSL certificates available.
•
Users / Groups: The number of permission groups and users defined.
To change any of these settings, click the setting. The appropriate page opens.
Nasuni Management Console Guide 7.9
287
Console Settings Page
Configuration Overview page
In the Network area, the following information appears:
•
Hostname: The hostname for the Nasuni Management Console.
•
IP Address: The IP address, plus an indication of the type of IP address: either Static or DHCP.
•
Firewall Allowed Hosts: The hosts that you permit to access your Nasuni Management
Console user interface.
•
Proxy: If proxy server is enabled, indicates the proxy server. If proxy server is not enabled, the
status is “Proxy disabled”.
To change any of these settings, click the setting. The appropriate page opens.
In the Services & Support area, the following information appears:
•
Software Update: Indicates any available software updates.
•
Remote Support: If Remote Support is enabled with no time limit, indicates “The service is
running”. If Remote Support is enabled with a time limit, gives the time until the service shuts
down. If Remote Support is not enabled, indicates “The service is not running”.
•
Uptime: The length of time this Nasuni Management Console has been running.
To change any of these settings, click the setting. The appropriate page opens.
Nasuni Management Console Guide 7.9
288
Console Settings Page
Automatic Software Updates
Automatic Software Updates
You can schedule automatic software updates for the Nasuni Management Console on the Console
Automatic Updates page. This feature is disabled by default.
Tip: To prevent automatic software updates from occurring at inconvenient times, specify
the days and times for automatic software updates to occur. To prevent automatic software
updates entirely, clear all days and times.
Note: Updating the Nasuni Management Console software does not affect Nasuni Filers or
access to data.
You can also manually update the Nasuni Management Console software, as detailed in “Software
Update” on page 360.
Viewing automatic software update settings for the NMC
To view automatic software update settings for the Nasuni Management Console, follow these steps:
1. Click Console Settings, then click Automatic Updates in the left-hand column. The Console
Automatic Updates page displays the current schedule for automatic updates of the software
for the Nasuni Management Console.
Figure 10-2: Console Automatic Updates page.
The following information appears:
•
Days: The days of the week on which to look for automatic software updates. If no days are
selected to look for automatic software updates, then automatic software updates are
disabled.
•
Time: The time at which to look for automatic software updates on the selected days.
Nasuni Management Console Guide 7.9
289
Console Settings Page
Automatic Software Updates
Editing automatic software update settings for the NMC
To edit automatic software update settings for the Nasuni Management Console, follow these steps:
1. On the Console Automatic Updates page, select the days to look for automatic software
updates (for example, Sunday, Tuesday, and Thursday).
2. From the Time drop-down list, select the time on the selected days to look for automatic
software updates.
3. Click Save Schedule. The automatic software update settings for the Nasuni Management
Console are changed.
Nasuni Management Console Guide 7.9
290
Console Settings Page
Description
Description
You can view and change the description of the Nasuni Management Console on the Console
Description page.
You can change the name of the Nasuni Management Console from the name assigned when you
installed it. The name can be up to 140 characters in length.
Viewing description
To view description, follow these steps:
1. Click Console Settings, then click Description in the left-hand column. The Console Description
page displays the description of the Nasuni Management Console.
Figure 10-3: Console Description page.
The following information appears:
•
Description: The description of the Nasuni Management Console.
Editing the description
To edit the description of the Nasuni Management Console, follow these steps:
1. On the Console Description page, enter a new description in the Description text box.
2. To accept your selections, click Save Description. The description is changed.
Nasuni Management Console Guide 7.9
291
Console Settings Page
Email Settings
Email Settings
You can configure email alerts, which are sent to your email account from the Nasuni Management
Console. Email configurations apply to Nasuni Filers under the control of the Nasuni Management
Console. The alert messages you receive can also be viewed on the Notifications page.
To select which alerts to receive, see “Adding Permission Groups” on page 350.
Note: Nasuni Filers managed by the NMC send emails using this configuration. Emails are
sent by the NMC. No emails are sent directly by managed Nasuni Filers.
To configure email settings:
1. Click Console Settings, then select Email Settings in the left-hand column. The Filer &
Console Email Settings page appears.
Figure 10-4: Filer & Console Email Settings page.
2. To enable email notifications, click Enable Email to On. To disable email notifications, click
Enable Email to Off.
Nasuni Management Console Guide 7.9
292
Console Settings Page
Email Settings
3. To send a test email with these settings when you click Save Settings, select the Test Settings
check box.
4. Enter a source email address in the From name text box. You can use this source email
address to filter emails or ensure that it does not go into a spam folder.
5. In the Test Email Recipient text box, enter a destination email address, to which to send alerts.
6. Specify the SMTP server in the SMTP server text box. For example, mail.mycompany.net.
When sending an email alert, Nasuni logs into the specified SMTP server using the specified
credentials and sends the email from the source email address.
7. Specify the SMTP port number in the SMTP port text box. If you do not specify a value, the
default port 25 is used.
8. Optionally, enter a login name (for example, an email account) in the Login text box (casesensitive) if your email server requires it. For example, [email protected]. Optionally,
enter a password (case-sensitive) in the Password text box if your email server requires it.
9. If you require TLS security, select the Require TLS check box.
If this check box is selected, and the email server does not support TLS security, the Nasuni
Filer does not use the server.
If the check box is not selected, TLS security is still used by default if the email server supports
it.
10. To test your settings and then save your settings, click Save Settings. If Test Settings is
selected, a test message is sent to the specified email address for confirmation purposes.
Nasuni Management Console Guide 7.9
293
Console Settings Page
SNMP Monitoring
SNMP Monitoring
You can configure SNMP monitoring of the Nasuni Management Console.
The Nasuni Management Console supports monitoring via the Simple Network Management Protocol
(SNMP) v1, v2c, and v3. The Nasuni Management Console exposes the standard SNMPv1 MIB
(management information base), as well as the SNMPv2-MIB, HOST-RESOURCES-MIB, UCD-SNMPMIB, UCD-DISKIO-MIB, and IF-MIB. Both 32-bit and 64-bit SNMP network counters are supported.
The SNMP server is available on port 161.
Each of the displayed MIBs is a link. If you click a link, a page with that MIB information appears.
Editing SNMP settings
To edit SNMP settings, follow these steps:
1. Click Console Settings, then click SNMP Monitoring in the left-hand column. The Console
SNMP Monitoring page appears.
Figure 10-5: Console SNMP Monitoring page.
Nasuni Management Console Guide 7.9
294
Console Settings Page
SNMP Monitoring
2. To enable SNMP v1,v2c monitoring, click Enable v1,v2c Support. Selecting On enables SNMP
v1,v2c monitoring. Selecting Off disables SNMP monitoring.
If you enable SNMP v1,v2c monitoring, in the Community Name text box, enter the SNMP
community name for the Nasuni Management Console. The default community name is
public. Changing the community name from the default improves security.
3. To enable SNMP v3 monitoring, click Enable v3 Support. Selecting On enables SNMP v3
monitoring. Selecting Off disables SNMP monitoring.
If you enable SNMP v3 monitoring, enter a Username and Password for SNMP v3
authorization.
4. If you enable SNMP monitoring, in the System Location text box, enter the physical location of
the Nasuni Management Console.
5. If you enable SNMP monitoring, in the System Contact text box, enter the contact information
of the person responsible for SNMP monitoring for the Nasuni Management Console.
6. Click Save SNMP Settings. The SNMP settings are changed.
Nasuni Management Console Guide 7.9
295
Console Settings Page
Time Configuration
Time Configuration
You can set the time zone and time server for the Nasuni Management Console, which are necessary
for notifications and file sharing purposes. The time zone setting you select should be for the region
where the Nasuni Management Console is located. For example, use “US/Eastern” if you are located in
the eastern part of the United States.
Setting time zone and time source
To set time zone and time source for the Nasuni Management Console, follow these steps:
1. Click Console Settings, then click Time Configuration in the left-hand column. The Console
Time Configuration page appears.
Figure 10-6: Console Time Configuration page.
The following information appears:
•
Current Time: The current date and time of the Nasuni Management Console.
2. From the Time Zone drop-down list, select a time zone.
3. In the Time Server text box, enter the names of one or more valid Network Time Protocol (NTP)
servers, separated by commas. By default, all Nasuni Filers are set to use Nasuni's NTP server,
time.nasuni.com, to set the time daily. If you cannot open port 123 in your firewall to access
time.nasuni.com, you should change to an internal NTP server.
4. Click Save Timezone. The time zone and time source settings are changed.
Nasuni Management Console Guide 7.9
296
Console Settings Page
Directory Services
Directory Services
The Nasuni Management Console supports Directory Services using either Active Directory or LDAP
(Lightweight Directory Access Protocol) with Kerberos for authentication.
Important: You cannot enable both Active Directory and LDAP Directory Services for a
Nasuni Filer.
You can associate an Active Directory or LDAP Directory Services domain group with a permission
group. This enables you to log in using Active Directory or LDAP Directory Services credentials. See
“Adding Permission Groups” on page 350.
See www.nasuni.com/support/documentation for a worksheet for planning configurations.
About Active Directory
Microsoft's Active Directory (AD) service is capable of providing security across multiple domains or
forests through domain and forest trust relationships. The trusts established between domains allow or
deny users access to resources outside their native domain. After you establish the correct trust
relationships among your Active Directory servers, you can enable access and permissions for users
and groups within the trusted domains. Configuration of trusts between domains is outside the scope
of this document.
Tip: Nasuni also supports the “Identity Management for UNIX” role service for Active
Directory. This feature allows UNIX-style user and group identities to be stored in Active
Directory, and can synchronize identity management across CIFS/SMB and NFS. If your
organization uses this, please contact Nasuni Support.
This feature is sometimes known as RFC 2307 extensions.
The Nasuni Management Console can join one Windows Active Directory domain server and access its
users and groups. These users and groups can only be edited through Active Directory tools.
The Nasuni Management Console joins one domain, called the primary domain. If the client’s
environment has valid, active trust relationships between the primary domain and other domains, the
Nasuni Management Console attempts to discover those domains automatically. You can then select
which of the non-primary domains to allow to access the Nasuni Management Console.
The Nasuni Management Console offers support for trusted domains of multiple Active Directory
servers. This can simplify enabling access and permissions for users and groups within trusted
domains. To use trusted domains of multiple Active Directory servers, you must establish the correct
trust relationships among your Active Directory servers.
There are two aspects to trusted domain support: authentication and sharing. The authentication
aspect allows a user to access a Nasuni Management Console's resources in a different domain. The
sharing aspect enables systems in different domains to access the same data.
About LDAP Directory Services
As an alternative to Microsoft Active Directory, some organizations prefer to use their own LDAP and
Kerberos services. This is often the case for organizations that rely heavily on UNIX-style clients, such
as Linux or Mac OS X. The LDAP protocol is used for identifying users and other resources. The
Nasuni Management Console Guide 7.9
297
Console Settings Page
Directory Services
Kerberos protocol is used for authentication. In lieu of joining a domain, the Nasuni Management
Console requires a Kerberos keytab file, which contains encryption keys associated with network
services (service principal names).
Note: The Nasuni Management Console requires the use of Kerberos for secure
authentication, and does not support storing passwords in LDAP.
Important: You cannot enable both Active Directory and LDAP Directory Services for a
Nasuni Filer.
Joining the Nasuni Management Console (not previously joined to any domain) to a domain
Join
Important: You cannot enable both Active Directory and LDAP Directory Services for a
Nasuni Filer.
Nasuni Management Console Guide 7.9
298
Console Settings Page
Directory Services
If the Nasuni Management Console has not previously joined any Active Directory domain or LDAP
Directory Services domain before, follow these steps:
1. Click Console Settings, then select Directory Services from the list. On the Console
Directory Services page, the Type should be Disabled, and the Connection Status should be
DISABLED.
Figure 10-7: Console Directory Services page.
2. To join an Active Directory domain, follow the procedure below.
Otherwise, to join an LDAP Directory Services domain, skip to step 3 on page 303.
Important: You cannot enable both Active Directory and LDAP Directory Services for a
Nasuni Filer.
a. In the Domain text box, enter the fully qualified Active Directory domain name that you want
the Nasuni Management Console to join, in lower-case letters, such as,
subdomain.domain.com. The Nasuni Management Console joins this domain to
authenticate users from the Active Directory server.
Nasuni Management Console Guide 7.9
299
Console Settings Page
Directory Services
b. Leave Auto Detect selected. If Auto Detect is selected, the wizard attempts to retrieve
pertinent information using DNS.
Note: For Auto Detect to work, the DNS must be configured to refer to directory service
settings.
If, after you click Continue (step i on page 301), the wizard is unsuccessful in automatically
detecting configuration information, deselect Auto Detect. The Directory Service Type
drop-down list becomes available.
c. To automatically alter the system’s hostname so that it is part of the domain to be joined,
select Alter System Hostname. For example, if joining a Nasuni Management Console (such
as nmc) to a domain (such as domain.com), Nasuni recommends using the fully qualified
domain name with the hostname to form the new hostname (such as nmc.domain.com).
Alternatively, if you know that the hostname is correct for this domain, deselect Alter System
Hostname.
d. If Auto Detect is deselected, the Directory Service Type drop-down list becomes available.
From the drop-down list, select Active Directory.
e. (Optional) In the Workgroup text box, enter a local Windows NT-compatible workgroup
name (15 characters maximum) in which the Nasuni Management Console can be accessed.
To use the default workgroup for the domain, leave this field blank. Some domains need this
value if the name cannot be automatically determined.
Tip: This value cannot be changed after the Nasuni Management Console joins the
domain.
f.
(Optional) In the Domain Controller text box, enter the fully qualified domain name of the
primary domain controller. For example, DomainControllerName.domain.com.
Entering a Domain Controller name forces the Nasuni Management Console to use only
that domain controller. However, leaving the Domain Controller text box blank causes the
Nasuni Management Console to use the primary domain controller on the join, and also
allows for domain controller failover. Unless you want only one specific domain controller to
be used, leave the Domain Controller text box blank.
In particular, if you want support for trusted domains of multiple Active Directory servers,
leave the Domain Controller text box blank.
g. (Optional) In the Computer OU text box, enter a domain organization unit in which the Nasuni
Management Console is placed. The computer’s container is the default location. If you leave
this value blank, the Nasuni Management Console is placed in a default location.
Tip: This value cannot be changed after the Nasuni Management Console joins the
domain.
h. (Optional) To use Network Time Protocol (NTP) services provided by domain controllers,
select NTP from Domain Controllers. If no NTP services are available from domain
controllers, the current NTP server is used. See “Time Configuration” on page 296.
Tip: This value cannot be changed after the Nasuni Management Console joins the
domain.
Nasuni Management Console Guide 7.9
300
Console Settings Page
Directory Services
i.
Click Continue. The wizard attempts to look up domain information in the DNS. If successful,
the wizard returns to this page, enters the information found, and deselects Auto Detect. You
can then enter or change any information.
j.
If the message appears that Auto Detect was successful, verify any values that Auto Detect
added, deselect Auto Detect if still selected, then click Continue.
k. The Confirm/Authenticate Directory Service dialog box appears.
Figure 10-8: Confirm/Authenticate Directory Service dialog box.
Enter the user name and password of a user who is authorized to join this Nasuni
Management Console to the specified domain. Click Submit.
l.
The wizard attempts to configure for the specified domain. If successful, the Enable
Domains tab is selected.
Figure 10-9: Enable Domains tab.
A list of available domains appears. From this list, select the domains that you want the
Nasuni Management Console to access.
Click Continue.
Nasuni Management Console Guide 7.9
301
Console Settings Page
Directory Services
m. The wizard attempts to enable the selected domains. If successful, the “Complete the
Configuration” tab is selected.
Figure 10-10: “Complete the Configuration” tab.
Verify the configuration values, then click Finish.
n. The wizard attempts to complete the configuration. If successful, the Console Directory
Services page appears.
Figure 10-11: Console Directory Services page.
The newly joined domain appears in the Domain Settings list.
To configure directory services settings, see “Directory Services” on page 297.
Nasuni Management Console Guide 7.9
302
Console Settings Page
Directory Services
3. Alternatively, to join an LDAP Directory Services domain, follow the procedure below.
Important: You cannot enable both Active Directory and LDAP Directory Services for a
Nasuni Filer.
Important: Before configuring LDAP Directory Services, ensure that SSL client certificates
have been uploaded. See “Uploading SSL Certificates” on page 334.
Important: We recommend the use of indexes for uidNumber and gidNumber attributes. If
your LDAP Directory Server can look up records based on uidNumber and gidNumber quickly
without an index, this is also sufficient.
a. In the Domain text box, enter the fully qualified LDAP Directory Services domain name that
you want the Nasuni Management Console to join, in lower-case letters, such as,
subdomain.domain.com. The Nasuni Management Console joins this domain to
authenticate users from the LDAP Directory Services server.
b. Leave Auto Detect selected. If Auto Detect is selected, the wizard attempts to retrieve
pertinent information using DNS. If the wizard detects an LDAP Directory Services domain, it
also tries to detect the type of domain (FreeIPA, Apple Open Directory, or Generic).
Note: For Auto Detect to work, the DNS must be configured to refer to directory service
settings.
If, after clicking Continue (step g on page 305), the wizard is unsuccessful in automatically
detecting configuration information, deselect Auto Detect. The Directory Service Type
drop-down list becomes available.
c. To automatically alter the system’s hostname so that it is part of the domain to be joined,
select Alter System Hostname. For example, if joining a Nasuni Management Console (such
as nmc) to a domain (such as domain.com), Nasuni recommends using the fully qualified
domain name with the hostname to form the new hostname (such as nmc.domain.com).
Alternatively, if you know that the hostname is correct for this domain, deselect Alter System
Hostname.
d. If Auto Detect is deselected, the Directory Service Type drop-down list becomes available.
From the drop-down list, select LDAP Directory Services.
e. If the directory services provider has not already been selected, from the Directory Services
Provider drop-down list, select the provider that matches your LDAP and Kerberos servers.
Options include FreeIPA, Generic LDAP/Kerberos, and Apple OpenDirectory. By
selecting the appropriate provider, the wizard selects various connection parameters. The
following steps detail the Generic LDAP/Kerberos option where the wizard does not
assume any connection settings.
Note: Some of the following fields are optional, depending on the choice of Directory
Services Provider.
i.
In the LDAP Servers text box, enter a list of the IP addresses or hostnames of the LDAP
servers for the Nasuni Management Console to connect to, separated by commas. Use
lower-case letters.
To use DNS to retrieve information, leave this text box blank.
Nasuni Management Console Guide 7.9
303
Console Settings Page
Directory Services
ii. In the Kerberos KDC Servers text box, enter a list of the IP addresses or hostnames of
the Kerberos Key Distribution Center (KDC) servers for the Nasuni Management Console
to connect to, separated by commas. Use lower-case letters.
To use DNS to retrieve information, leave this text box blank.
iii. From the LDAP ID Schema drop-down list, select the LDAP ID schema to use: RFC2307
or RFC2307bis.
iv. In the LDAP User Search Base text box, enter an LDAP DN (distinguished name) that
indicates a subtree that contains users.
v. In the LDAP Group Search Base text box, enter an LDAP DN (distinguished name) that
indicates a subtree that contains groups.
vi. In the LDAP User Name Attribute text box, enter the LDAP user name attribute.
vii. In the LDAP Group Name Attribute text box, enter the LDAP group name attribute.
viii. In the LDAP Netgroup Search Base text box, enter an LDAP DN (distinguished name)
that indicates a subtree that contains netgroups.
ix. In the LDAP Bind DN text box, enter an LDAP DN (distinguished name) to use instead of
an anonymous bind.
x. In the LDAP Bind Password text box, enter a password to use to bind with DN.
xi. In the Minimum Supported ID text box, enter the minimum user or group ID to map to
the Nasuni Management Console.
To have Auto Detect find this, leave blank.
xii. In the Maximum Supported ID text box, enter the maximum user or group ID to map to
the Nasuni Management Console.
To have Auto Detect find this, leave blank.
xiii. Click Continue. The wizard attempts to look up domain information in DNS. If successful,
the wizard returns to this page, enters the information found, and deselects Auto Detect.
You can then enter or change any information.
Nasuni Management Console Guide 7.9
304
Console Settings Page
f.
Directory Services
The Confirm/Authenticate Directory Service dialog box appears.
Figure 10-12: Confirm/Authenticate Directory Service dialog box.
If necessary, enter the user name and password of a directory user who is authorized to join
this Nasuni Management Console to the specified domain. Click Submit.
g. Click Continue. The wizard attempts to look up domain information in the DNS. If successful,
the wizard returns to this page, enters the information found, and deselects Auto Detect. You
can then enter or change any information.
Figure 10-13: Directory Services page.
h. If the message appears that Auto Detect was successful, verify any values that Auto Detect
added, deselect Auto Detect if still selected, then click Continue.
i.
The wizard checks the provided information before proceeding to the Keytab step. If the
wizard is successful in checking the LDAP domain and other information, the wizard
highlights the Keytab step.
Nasuni Management Console Guide 7.9
305
Console Settings Page
j.
Directory Services
From the Keytab Source drop-down list, select the source of the Kerberos keytab for the
Nasuni Management Console from the following choices:
•
If you select a server, enter the Username, Password, and Repeat Password, then
click Continue.
•
If you select to upload a keytab file, click Browse to navigate to the file, then click
Continue.
k. The wizard checks the provided keytab information before proceeding to the Volume
Selection step. If the wizard is successful in obtaining the Kerberos keytab information, the
“Complete the Configuration” tab is selected.
Verify the configuration values, then click Continue.
l.
The wizard attempts to complete the configuration. If successful, the Console Directory
Services page appears.
Figure 10-14: Console Directory Services page.
The newly joined domain appears in the Domain Settings list.
To configure directory services settings, see “Directory Services” on page 297.
Nasuni Management Console Guide 7.9
306
Console Settings Page
Directory Services
Viewing information about Directory Services already configured
View
To view information about Directory Services, follow these steps:
1. Click Console Settings, then select Directory Services from the list. The Console Directory
Services page appears.
Figure 10-15: Console Directory Services page for Active Directory.
For Active Directory, information on this page includes the following:
•
Type: Type of authentication, such as Publicly Available, Active Directory, and LDAP
Directory Services.
•
Connection Status: The current status of the connection.
ENABLED indicates that the connection has been configured successfully.
DISABLED indicates that the connection has not been configured successfully.
HEALTHY indicates that the connection is successful.
UNHEALTHY indicates that the connection is not successful.
•
Domain Settings: A list of domains appears, displaying the following information:
•
Domain: The IP address or the hostname of the domain.
•
Type: The type of Active Directory domain: Primary or Child.
•
NT Name: The local Windows NT-compatible workgroup name of the Active Directory
domain.
•
Status: The status of the domain: Enabled or Disabled.
2. For Active Directory, to update the list of trusted domains that the Nasuni Management Console
is aware of, click Update Domains.
Nasuni Management Console Guide 7.9
307
Console Settings Page
Directory Services
3. For LDAP Directory Services, the Console Directory Services page looks like this.
Figure 10-16: Console Directory Services page for LDAP Directory Services.
For LDAP Directory Services, information on this page includes the following:
•
Type: Type of authentication, such as Publicly Available, Active Directory, and LDAP
Directory Services.
•
Connection Status: The current status of the connection.
ENABLED indicates that the connection has been configured successfully.
DISABLED indicates that the connection has not been configured successfully.
HEALTHY indicates that the connection is successful.
UNHEALTHY indicates that the connection is not successful.
•
Domain Settings: A list of domains appears, displaying the following information:
•
Domain: The IP address or the hostname of the domain.
•
Details: Details about the Directory Services entry, including the following:
•
•
•
Provider: The Directory Services provider.
•
LDAP Servers: The IP address or the hostname of the servers that service the
domain.
•
KDCs: The IP address or the hostname of the Kerberos Key Distribution Centers
(KDC) that supply session tickets and temporary session keys.
Status: The status of the domain: Enabled or Disabled.
Keytab Contents: The contents of the keytab file used to authenticate to the KDC, including
the following information:
•
Service Type: The service type and the IP address or the hostname of the host that is
offering it.
•
Realm: The IP address or the hostname of the server hosting the application.
Nasuni Management Console Guide 7.9
308
Console Settings Page
Directory Services
Editing LDAP Directory Services domain settings
Configure
To edit settings for the LDAP Directory Services domain, follow these steps:
1. Click Console Settings, then select Directory Services from the list. The Console Directory
Services page appears.
Figure 10-17: Console Directory Services page for LDAP Directory Services.
2. For the domain whose information you want to edit, click Edit. The Edit Domain dialog box
appears.
Figure 10-18: Edit Domain dialog box.
Note: The fields available depend on the Directory Services Provider selected.
3. In the LDAP Servers text box, enter a list of the IP addresses or hostnames of the LDAP servers
for the Nasuni Management Console to connect to, separated by commas. Use lower-case
letters.
To use DNS to retrieve information, leave this text box blank.
4. In the Kerberos KDC Servers text box, enter a list of the IP addresses or hostnames of the
Kerberos Key Distribution Center (KDC) servers for the Nasuni Management Console to connect
Nasuni Management Console Guide 7.9
309
Console Settings Page
Directory Services
to, separated by commas. Use lower-case letters.
To use DNS to retrieve information, leave this text box blank.
5. Click Save. The information is applied to the selected domain.
Updating the keytab file
Update
The Kerberos keytab file contains encryption keys associated with services (the service principal
names) located on servers hosting Kerberos-enabled protocols.
To update the keytab file, follow these steps:
1. Click Console Settings, then select Directory Services from the list. The Console Directory
Services page appears.
Figure 10-19: Console Directory Services page for LDAP Directory Services.
2. Click Update Keytab. The Update Keytab dialog box appears.
Figure 10-20: Update Keytab dialog box.
Nasuni Management Console Guide 7.9
310
Console Settings Page
Directory Services
3. From the Keytab Source drop-down list, select the source of the Kerberos keytab for the
Nasuni Management Console.
•
If you select a server, enter the Username, Password, and Repeat Password, then click
Submit.
•
If you select to upload a keytab file, click Choose File to navigate to the file, then click
Submit.
The keytab file is updated.
Editing Active Directory domain settings
Edit
To edit settings for an Active Directory domain, follow these steps:
1. Click Console Settings, then select Directory Services from the list. The Console Directory
Services page appears.
Figure 10-21: Console Directory Services page.
2. For the domain whose information you want to edit, click Edit. The Edit Domain dialog box
appears.
Figure 10-22: Edit Domain dialog box.
3. To enable or disable resources in the Active Directory domain accessing the Nasuni
Management Console, select or deselect Enable Source.
Tip: The Primary domain cannot be disabled.
Nasuni Management Console Guide 7.9
311
Console Settings Page
Directory Services
4. Click Save. The information is applied to the selected domain.
Editing Active Directory general settings
Edit
To edit settings for Active Directory, follow these steps:
1. Click Console Settings, then select Directory Services from the list. The Console Directory
Services page appears.
Figure 10-23: Console Directory Services page.
2. (Optional) In the Domain Controller text box, enter the fully qualified domain name of the
primary domain controller. For example, DomainControllerName.domain.com.
Entering a Domain Controller name forces the Nasuni Management Console to use only that
domain controller. However, leaving the Domain Controller text box blank causes the Nasuni
Management Console to use the primary domain controller on the join, and also allows for
domain controller failover. Unless you want only one specific domain controller to be used,
leave the Domain Controller text box blank.
In particular, if you want support for trusted domains of multiple Active Directory servers, leave
the Domain Controller text box blank.
3. To rejoin Active Directory after leaving Active Directory, select Rejoin Active Directory.
4. Click Submit. The information is applied to the selected domain.
Nasuni Management Console Guide 7.9
312
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
Domain Settings (for NMCs running versions before 7.8)
Microsoft's Active Directory (AD) service is capable of providing security across multiple domains or
forests through domain and forest trust relationships. The trusts established between domains allow or
deny users access to resources outside their native domain. After you establish the correct trust
relationships among your Active Directory servers, you can enable access and permissions for users
and groups within the trusted domains. Configuration of trusts between domains is outside the scope
of this document.
Tip: Nasuni also supports the "Identity Management for UNIX" role service for Active
Directory. This feature allows UNIX-style user and group identities to be stored in the Active
Directory, and can synchronize identity management across CIFS/SMB and NFS. If your
organization uses this, please contact Nasuni Support.
This feature is sometimes known as RFC 2307 extensions.
The Nasuni Management Console can join one Windows Active Directory domain server and access its
users and groups. These users and groups can only be edited through Active Directory tools.
The Nasuni Management Console joins one domain, called the primary domain. If the client’s
environment has valid, active trust relationships between the primary domain and other domains, the
Nasuni Management Console attempts to discover those domains. You can then select which of the
non-primary domains to allow to access the Nasuni Management Console.
When joined to Active Directory. the Nasuni Management Console can authenticate user logins using
Active Directory credentials. Joining the Nasuni Management Console to Active Directory only affects
the Nasuni Management Console itself. These settings do not affect any managed Nasuni Filers.
Managed Nasuni Filers do not have to be joined to Active Directory, or be in the same domain as the
Nasuni Management Console.
Nasuni Management Console Guide 7.9
313
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
Joining the Nasuni Management Console to an Active Directory domain (for NMCs running
versions before 7.8)
Join
Caution: If the Nasuni Management Console is already joined to an Active Directory
domain, this procedure causes the Nasuni Management Console to leave that Active
Directory domain. The Nasuni Management Console loses the resources of all domains
that the Nasuni Management Console is aware of, including users and groups. A Nasuni
Management Console that has left the domain does not provide CIFS access to any
clients.
To join the Nasuni Management Console to an Active Directory domain, follow these steps:
1. Click Domain Settings. The Console Domain Settings page appears.
Figure 10-24: Console Domain Settings page.
The current domain sources, if any, appear in the Domain Sources list.
2. In the Full Windows Domain text box, enter the fully qualified Active Directory domain name
that you want the Nasuni Management Console to join, in lower-case letters, such as,
subdomain.domain.com. The Nasuni Management Console joins this domain to authenticate
users from the Active Directory server.
Nasuni Management Console Guide 7.9
314
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
3. Optionally, in the Workgroup text box, enter a local Windows NT-compatible workgroup name
(15 characters maximum) in which the Nasuni Management Console can be accessed. To use
the default workgroup for the domain, leave this field blank. Some domains need this value if the
name cannot be automatically determined.
4. Optionally, to display advanced settings, click Show Advanced Settings. The Advanced
Settings area appears.
Figure 10-25: Advanced Settings area.
5. Optionally, in the Computer OU text box, enter a domain organization unit in which the Nasuni
Management Console is placed. The computer’s container is the default location. If you leave
this value blank, the Nasuni Management Console is placed in a default location.
6. Optionally, in the Domain Controller text box, enter the fully qualified domain name of the
primary domain controller. For example, DomainControllerName.domain.com.
Entering a Domain Controller name forces the Nasuni Management Console to use only that
domain controller. However, leaving the Domain Controller text box blank causes the Nasuni
Management Console to use the primary domain controller on the join, and also allows for
domain controller failover. Unless you want only one specific domain controller to be used,
leave the Domain Controller text box blank.
In particular, if you want support for trusted domains of multiple Active Directory servers, leave
the Domain Controller text box blank.
7. Optionally, to use Network Time Protocol (NTP) services provided by domain controllers, select
NTP from Domain Controllers. If no NTP services are available from domain controllers, the
current NTP server is used. See “Time Configuration” on page 296.
8. Click Save Settings to save these settings and join the Active Directory domain. To reset
settings, click Reset.
Nasuni Management Console Guide 7.9
315
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
9. The Active Directory Authentication dialog box appears.
Figure 10-26: Active Directory Authentication dialog box.
a. In the User Name text box, enter a username that has permissions for joining computers to
the Active Directory domain.
Note: Avoid using the domain name in this field. The username should NOT be in the
following formats: [email protected] or domain\username.
b. In the Password text box, enter the password for the User Name. Confirm this password in
the Repeat Password text box.
c. Click Submit to have the Nasuni Management Console join the Active Directory domain.
Otherwise, click Close.
10. If the Nasuni Management Console successfully joins the Active Directory domain, the Manage
Domains dialog box appears.
Figure 10-27: Manage Domains dialog box.
The list of domains includes the requested Active Directory primary domain and any associated
trusted domains. For each domain in the list, the following information appears:
•
Domain: The name of the Active Directory domain.
•
NT Name: The local Windows NT-compatible workgroup name of the Active Directory
domain.
•
Primary: An indication of whether the Active Directory Domain is the primary domain: Yes or
No.
Nasuni Management Console Guide 7.9
316
Console Settings Page
•
Domain Settings (for NMCs running versions before 7.8)
Enabled: An indication of whether resources in the Active Directory domain have access to
the Nasuni Management Console: Yes or No.
Note: Only users and groups from enabled Active Directory domains have access to
CIFS resources on this Nasuni Management Console.
11. If there is more than one domain available, select the domains allowed access from this Nasuni
Management Console. Click Continue.
12. If the Nasuni Management Console successfully joins to Active Directory, a banner across the
top of the page says, “The system is actively joined to Active Directory.”.
To leave the Active Directory domain, see “Leaving an Active Directory domain (for NMCs running
versions before 7.8)” on page 321.
Viewing Active Directory domains (for NMCs running versions before 7.8)
View
To view Active Directory domains, follow these steps:
1. Click Domain Settings. The Console Domain Settings page appears.
Figure 10-28: Console Domain Settings page.
Nasuni Management Console Guide 7.9
317
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
2. If the Nasuni Management Console is actively joined to Active Directory, a banner across the
top of the page says, “The system is actively joined to Active Directory.”.
3. If the Nasuni Management Console has successfully joined the domain, a list of Domain
Sources appears. For each Domain Source in the list, the following information appears:
•
Domain: The name of the Active Directory domain.
•
NT Name: The local Windows NT-compatible workgroup name of the Active Directory
domain.
•
Primary: An indication of whether the Active Directory Domain is the primary domain: Yes or
No.
•
Enabled: An indication of whether resources in the Active Directory Domain have access to
the Nasuni Management Console: Yes or No.
4. To update the list of trusted domains that the Nasuni Management Console is aware of, click
Update Domains.
Nasuni Management Console Guide 7.9
318
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
Changing access for Active Directory domains (for NMCs running versions before 7.8)
Join
You can change which domains are allowed access from the Nasuni Management Console.
To change access for an Active Directory domain, follow these steps:
1. Click Domain Settings. The Console Domain Settings page appears.
Figure 10-29: Console Domain Settings page.
2. Click Edit Domains. The Manage Domains dialog box appears.
Figure 10-30: Manage Domains dialog box.
Nasuni Management Console Guide 7.9
319
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
The list of domains includes the requested Active Directory primary domain and any associated
trusted domains. For each domain in the list, the following information appears:
•
Domain: The name of the Active Directory domain.
•
NT Name: The local Windows NT-compatible workgroup name of the Active Directory
domain.
•
Primary: An indication of whether the Active Directory Domain is the primary domain: Yes or
No.
•
Enabled: An indication of whether resources in the Active Directory domain have access to
the Nasuni Management Console: Yes or No.
Note: Only users and groups from enabled Active Directory domains have access to
CIFS resources on this Nasuni Management Console.
3. If there is more than one domain available, select the domains allowed access from this Nasuni
Management Console.
4. To save changes, click Save.
Alternatively, to close the dialog box without saving changes, click Close.
Nasuni Management Console Guide 7.9
320
Console Settings Page
Domain Settings (for NMCs running versions before 7.8)
Leaving an Active Directory domain (for NMCs running versions before 7.8)
Leave
Caution: This procedure causes the Nasuni Management Console to leave the Active
Directory domain. The Nasuni Management Console loses the resources of all domains
that the Nasuni Management Console is aware of, including users and groups.
To leave an Active Directory domain, follow these steps:
1. To leave the Active Directory domain, click Leave Domain. The Leave the Domain dialog box
appears.
Figure 10-31: Leave the Domain dialog box.
2. In the User Name text box, enter a username that has permissions for removing computers
from the Active Directory domain.
Note: Avoid using the domain name in this field. The username should NOT be in the
following formats: [email protected] or domain\username.
3. In the Password text box, enter the password for the User Name. Confirm this password in the
Repeat Password text box.
4. Click Leave to have the Nasuni Management Console leave the Active Directory domain.
Otherwise, click Cancel.
The Nasuni Management Console leaves the Active Directory domain.
Nasuni Management Console Guide 7.9
321
Console Settings Page
Encryption Keys
Encryption Keys
You can view, upload, escrow, and delete encryption keys on the Encryption Keys page. The
encryption keys that you upload to the Nasuni Management Console can then be sent to Nasuni Filers
to use with volumes.
The Nasuni Filer automatically encrypts your data at your premises using the OpenPGP encryption
protocol, with 256-bit Advanced Encryption Standard (AES-256) encryption as the default encryption.
The data remains encrypted in cloud storage.
All data on a volume is encrypted using one or more encryption keys before being sent to cloud
storage. Volumes may be encrypted with one or more encryption keys, and encryption keys may be
used for any number of volumes.
There are several actions you can perform on encryption keys, including adding new encryption keys,
enabling or disabling encryption keys, escrowing encryption keys with Nasuni, and, under certain
circumstances, deleting encryption keys.
Important: All uploaded encryption keys should be at least 2048 bits long.
At least one encryption key must be enabled for a volume, but several encryption keys can be enabled
at the same time. When multiple encryption keys are enabled, all of the enabled encryption keys are
used to encrypt data in such a way that any one of the encryption keys can decrypt the data.
There are several reasons you might want to disable an encryption key, such as, when someone with
access to the encryption key leaves the company, or if your enterprise has a policy of rotating
encryption keys periodically. When you disable an encryption key, no future data is encrypted with that
encryption key. However, all data previously encrypted by that disabled encryption key remains
encrypted by that disabled encryption key. For this reason, before you disable an encryption key, you
should consider establishing a snapshot retention policy that removes the data that was encrypted with
the disabled encryption key.
Because volumes must have at least one encryption key associated with them, in practice you add a
new encryption key to a volume first, and then disable the existing encryption key.
You can delete encryption keys, but only in the case where they are not being used by any volumes.
You cannot modify encryption keys stored on the system. For security reasons, encryption keys that
you upload cannot be downloaded from the system. You can only download encryption keys that the
Nasuni Filer has generated internally.
Note: To add an encryption key to a volume, see “Adding encryption keys to a volume”.
Nasuni Management Console Guide 7.9
322
Console Settings Page
Encryption Keys
Viewing encryption keys on the Nasuni Management Console
To view encryption keys on the Nasuni Management Console, follow these steps:
1. Click Console Settings, then click Encryption Keys in the left-hand column. The Encryption
Keys page displays a list of encryption keys on the Nasuni Management Console.
Figure 10-32: Encryption Keys page.
The following information appears for each encryption key in the list:
•
Name: The name of the encryption key.
•
Fingerprint: The fingerprint is a cryptographic hash of the encryption key.
•
Algorithm: The algorithm of the encryption key, such as RSA.
•
Length: The length of the encryption key, in bits.
•
Key ID: The key ID is a shorter version of the fingerprint of the encryption key, generally
including just the last 8 digits.
•
Escrowed by Nasuni: Whether this encryption key is escrowed by Nasuni: Yes (encryption
key is escrowed by Nasuni) or No (encryption key is not escrowed by Nasuni).
•
Actions: Actions available for each encryption key.
Nasuni Management Console Guide 7.9
323
Console Settings Page
Encryption Keys
Uploading (importing or adding) encryption keys to the NMC
You can upload (import or add) encryption keys to the Nasuni Management Console.
You can generate your own encryption keys using any OpenPGP-compatible program, such as PGP or
GnuPG. You can then upload (import or add) the encryption key to the Nasuni Management Console.
The encryption key is used to encrypt your data before it is sent to cloud storage and to decrypt data
when it is read back. The Nasuni Management Console accepts multiple encryption algorithms for
encryption keys.
Important: Imported encryption keys are not automatically escrowed. You MUST SAVE all
imported encryption keys to another location outside the Nasuni Management Console, so
that they are available if needed for disaster recovery. All encryption keys associated with a
volume must be recovered as part of the disaster recovery process. To escrow encryption
keys with Nasuni, see “Escrowing encryption keys with Nasuni” on page 326.
To upload (import or add) encryption keys to the Nasuni Management Console, follow these steps:
1. On the Encryption Keys page, click Upload Encryption Keys. The Import Key(s) dialog box
appears.
Figure 10-33: Import Key(s) dialog box.
2. Click Choose File, then navigate to the encryption key file. This file should be OpenPGPcompatible.
3. If an encryption key passphrase is needed, enter the encryption key passphrase in the Key
Passphrase text box.
4. Click Import Key. The encryption key is imported to the Nasuni Management Console.
Alternatively, to exit this screen without importing any encryption keys, click the Close button.
Nasuni Management Console Guide 7.9
324
Console Settings Page
Encryption Keys
Downloading the NMC’s generated encryption key
You can download the Nasuni Management Console’s automatically-generated encryption key.
When a new Nasuni Management Console is created, it needs an encryption key to encrypt the
configuration information that it backs up regularly, in case the Nasuni Management Console ever
needs to be recovered. The Nasuni Management Console can generate its own encryption key for this
purpose. However, if you upload an encryption key to the Nasuni Management Console before it
generates its own encryption key, it uses the encryption key that you uploaded, and does not generate
its own encryption key.
If the Nasuni Management Console does generate its own encryption key, this generated encryption
key is the only encryption key that can ever be downloaded from a Nasuni Management Console.
If you perform a disaster recovery procedure on a Nasuni Management Console, during which you
upload that generated encryption key to the Nasuni Management Console, then you can no longer
download that encryption key, because downloading uploaded encryption keys is never permitted. As
a result, a Nasuni Management Console might have one encryption key available for download,
because that generated encryption key has never been uploaded to the Nasuni Management Console.
Alternatively, a Nasuni Management Console might not have any encryption key available to download,
either because there was no generated encryption key or because that generated encryption key was
uploaded at some time to the Nasuni Management Console as part of the disaster recovery process.
You cannot download any Nasuni Filer encryption key from a Nasuni Management Console, because
the Nasuni Filer never transmits any encryption keys to a Nasuni Management Console. The Nasuni
Management Console is never in possession of any encryption key generated by a Nasuni Filer. In
particular, if you use the Nasuni Management Console to create a volume on a Nasuni Filer, and specify
generating a new encryption key for that volume, that new encryption key is generated on the Nasuni
Filer, not on the Nasuni Management Console. The only way to download a Nasuni Filer encryption key
is by using the Nasuni Filer user interface.
There are other encryption keys present on the Nasuni Management Console that a Nasuni Filer might
use. However, these encryption keys have been uploaded to the Nasuni Management Console, and are
not eligible for downloading.
Important: Automatically-generated encryption keys are automatically escrowed with
Nasuni. However, Nasuni recommends that you safeguard all of your own encryption keys.
To download the Nasuni Management Console’s generated encryption key, follow these steps:
1. If the Nasuni Management Console’s generated encryption key is available for download, on the
Encryption Keys page, click Download Generated Key
.
2. The generated encryption key is saved in the form of a .pgp file. Safeguard this encryption key
file.
Nasuni Management Console Guide 7.9
325
Console Settings Page
Encryption Keys
Escrowing encryption keys with Nasuni
You can escrow your encryption keys with Nasuni.
Escrowing an encryption key with Nasuni means that you can, at any time, request the encryption key
during a disaster recovery from Nasuni. Your key is protected on Nasuni servers using the same
security practices that we use for all keys escrowed with Nasuni.
To escrow encryption keys with Nasuni, follow these steps:
1. For the encryption key that you want to escrow with Nasuni, on the Encryption Keys page,
click Escrow Key
. The Escrow Encryption Key dialog box appears.
Figure 10-34: Escrow Encryption Key dialog box.
2. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
Caution: You are about to permanently escrow your encryption key with the Nasuni
Corporation. This process is irreversible.
3. Click Escrow Key. Your encryption key is escrowed with Nasuni. The information in the
encryption key list updates to reflect this change.
Alternatively, to exit this screen without escrowing any encryption keys, click the Close button.
Nasuni Management Console Guide 7.9
326
Console Settings Page
Encryption Keys
Deleting Encryption Keys
You can delete encryption keys from the Nasuni Management Console, as long as the encryption key is
not currently assigned to a volume and never has been assigned to a volume. Encryption keys that
were once assigned to a volume, but are now disabled, might be needed for disaster recovery
procedures and so cannot be deleted.
To delete an encryption key from the Nasuni Management Console, follow these steps:
1. For the encryption key that you want to delete, on the Encryption Keys page, click Delete Key
. The Delete Encryption Key dialog box appears.
Figure 10-35: Delete Encryption Key dialog box.
2. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation.
Caution: You are about to permanently delete this encryption key. This process is
irreversible.
3. Click Delete Key. Your encryption key is deleted. The list of encryption keys updates to reflect
this change.
Alternatively, to exit this screen without deleting any encryption keys, click the Close button.
Nasuni Management Console Guide 7.9
327
Console Settings Page
Session Timeout
Session Timeout
You can configure the session timeout, namely, the time of inactivity that must occur before the Nasuni
Management Console requires you to log in again. The default is 60 minutes.
Setting session timeout
To set the session timeout, follow these steps:
1. Click Console Settings, then click Session Timeout in the left-hand column. The Console
Session Timeout page appears.
Figure 10-36: Console Session Timeout page.
2. In the Idle Timeout text box, enter the time, in minutes, of inactivity that must occur before the
Nasuni Management Console requires you to log in again. The minimum time is 5 minutes, and
the maximum time is 1440 minutes (24 hours).
3. To save these settings, click Save Settings.
Nasuni Management Console Guide 7.9
328
Console Settings Page
SSL Certificates
SSL Certificates
You can view, generate, upload, copy, replace, and delete SSL certificates.
You can view the SSL certificates or self-signed certificate that you can use when accessing the Nasuni
Management Console user interface.
You can also create a new SSL certificate, by generating a new Certificate Request to submit to a
Certificate Authority (CA) for signing. When you receive the signed SSL certificate from the CA, you can
associate the SSL certificate (and optional certificate chain) with the request. After this is done, you can
use that new SSL certificate to manage the Nasuni Management Console.
Viewing SSL certificate information
To view SSL certificate information, follow these steps:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-37: Console SSL Certificates page.
The following information appears for each SSL certificate:
•
Name: The name of the certificate. Click View Details for detailed information about this
SSL certificate.
•
End Date: The date that the SSL certificate is valid until.
•
Actions: Available actions for the SSL certificate.
Nasuni Management Console Guide 7.9
329
Console Settings Page
SSL Certificates
2. To view details of an existing SSL certificate, click View Details. The Certificate Details box
appears.
Figure 10-38: Certificate Details box.
The certificate information displayed includes the following:
•
Name: The name of the certificate.
•
Type: The type of certificate.
•
Subject: The string containing the subject of the certificate.
•
Issuer: The string containing the issuing party.
•
Signature type: The type of cryptographic signature of the certificate.
Note: The signature type Sha1WithRsaEncryption is being deprecated and should be
avoided, if possible.
•
Start Date: The date that the certificate becomes effective.
•
End Date: The date that the certificate is no longer in effect.
•
Common Name: The IP address or fully qualified domain name (FQDN) of the web server
that receives the SSL certificate.
•
Country Code: The two-letter ISO abbreviation for the country (for example, US for the
United States) where your organization's office is legally registered.
•
State/Province: The full name of the state or province where your organization's office is
located.
•
Locality Name: The full name of the city where your organization's office is located.
•
Organization: The name under which your organization is legally registered.
3. Click Close to close this box.
Nasuni Management Console Guide 7.9
330
Console Settings Page
SSL Certificates
Copying SSL certificate
You might need to copy an SSL certificate as part of a manual process for recreating or updating an
SSL certificate.
To copy an SSL certificate, follow these steps:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-39: Console SSL Certificates page.
2. To copy an existing SSL certificate, select Copy from the Actions drop-down list next to the
name of the certificate in the list. The Copy Certificate dialog box appears.
Figure 10-40: Copy Certificate dialog box.
3. In the New Management Name text box, enter a new name for the certificate.
4. To create a self-signed certificate instead of a certificate request, select Self-Sign Certificate.
Click Copy Certificate. A duplicate certificate is created. If you selected Self-Sign Certificate,
a duplicate self-signed certificate is created.
Alternatively, to exit this screen without copying any certificates, click the Close button.
Nasuni Management Console Guide 7.9
331
Console Settings Page
SSL Certificates
Generating SSL certificates or a self-signed certificate to the NMC
To generate a new SSL certificate or a self-signed certificate to the Nasuni Management Console,
follow these steps:
1. On the Console SSL Certificates page, click Generate Certificate. The Create Certificate
Signing Request page appears.
Figure 10-41: Create Certificate Signing Request page.
2. In the Management Name text box, enter the name that you use to refer to this certificate.
3. In the Common Name text box, enter the fully qualified domain name or IP address that you
use to access the Nasuni Management Console user interface. The optional but most common
choice is the Nasuni Management Console's fully-qualified domain name.
Note: This MUST match the way users connect to the Nasuni Management Console.
4. In the Country Code text box, enter the two-letter country code, such as US.
5. In the State/Province Name text box, enter the name of the state or province, such as
Massachusetts.
6. In the Locality text box, enter the name of the city or town, such as Boston.
7. In the Organization Name text box, optionally enter the name of your organization, such as
Nasuni.
Nasuni Management Console Guide 7.9
332
Console Settings Page
SSL Certificates
8. To create a self-signed certificate instead of a certificate request, select Self-Sign Certificate.
9. Click Save Request. A certificate request is created. If you selected Self-Sign Certificate, a
self-signed certificate is created. Alternatively, to exit this screen without adding any
certificates, click the Close button.
10. If you did not select Self-Sign Certificate, download the certificate request .csr file, on the
SSL Certificates page, by clicking Save Request File next to the name of the certificate
request in the list.
11. Submit this certificate request to a Certificate Authority (CA) for signing.
12. When you receive the signed certificate file, click Add Signed Certificate next to the name of
the certificate request in the list. The Add Certificate Files dialog box appears.
Figure 10-42: Add Certificate Files dialog box.
13. Click Choose File next to Certificate File, then navigate to the PEM-encoded X.509 or PKCS#7
certificate file.
14. Optionally, click Choose File next to Certificate Chain File, then navigate to the certificate
chain file.
15. Click Save Certificate. The certificate is installed and becomes available in the list of
certificates on the Console SSL Certificates page.
Alternatively, to exit this screen without adding a certificate, click the Close button.
Nasuni Management Console Guide 7.9
333
Console Settings Page
SSL Certificates
Uploading SSL Certificates
Uploading
To upload an existing SSL certificate:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-43: Console SSL Certificates page.
2. Click Upload Certificate. The Add Certificate Files page appears.
Figure 10-44: Add Certificate Files page.
3. In the Certificate Name text box, enter the name that you use to refer to this SSL certificate.
Nasuni Management Console Guide 7.9
334
Console Settings Page
SSL Certificates
4. To add an SSL key file or SSL key and certificate bundle file, click Choose File next to Key File,
then navigate to the SSL key file or SSL key and certificate bundle file.
5. If an SSL certificate was not part of the bundle file in step 4, to add an SSL certificate, click
Choose File next to Certificate File, then navigate to the SSL certificate file.
6. If an SSL certificate chain was not part of the bundle file in step 4, to add an SSL certificate
chain file, click Choose File next to Certificate Chain File, then navigate to the SSL certificate
chain file.
7. Enter the Password, if required.
8. Click Save Certificate. The certificate is installed and becomes available in the list of
certificates on the Console SSL Certificates page.
Figure 10-45: Console SSL Certificates page.
Nasuni Management Console Guide 7.9
335
Console Settings Page
SSL Certificates
Replacing SSL Certificates or SSL Certificate Chains
You can replace an existing SSL certificate or SSL certificate chain. This might occur if you need an
SSL certificate chain file, or if you are replacing one SSL certificate with another one.
To replace an existing SSL certificate:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-46: Console SSL Certificates page.
2. For the SSL certificate that you want to replace, select Replace Signed Certificate/Chain from
the Actions drop-down list next to the name of the certificate in the list. The Add Certificate
Files dialog box appears.
Figure 10-47: Add Certificate Files dialog box.
3. Click Choose File next to Certificate File, then navigate to the PEM- and DER-encoded X.509
file or PKCS#7 certificate file.
4. Optionally, click Choose File next to Certificate Chain File, then navigate to the SSL certificate
chain file.
Nasuni Management Console Guide 7.9
336
Console Settings Page
SSL Certificates
5. Click Save Certificate. The existing certificate is replaced and appears in the list of certificates
on the Console SSL Certificates page.
Nasuni Management Console Guide 7.9
337
Console Settings Page
SSL Certificates
Enabling SSL Certificates
Set
You can select which of several SSL certificates to enable as the SSL certificate for the NMC.
To enable a new SSL certificate:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-48: Console SSL Certificates page.
2. For the SSL certificate that you want to select, click Enable Certificate. The Enable SSL
Certificate for NMC dialog box appears.
Figure 10-49: Enable SSL Certificate for NMC dialog box.
3. Enter a Username (case-sensitive) and Password (case-sensitive) that has permission to
perform this operation, then click Enable Certificate. Your changes are saved.
Nasuni Management Console Guide 7.9
338
Console Settings Page
SSL Certificates
Downloading SSL Certificate Request Files
Delete
To download an SSL certificate request file:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-50: Console SSL Certificates page.
2. From the Actions drop-down list next to the name of the certificate or certificate request that
you want to save, select Download. The SSL certificate request file is downloaded and saved,
in the way your browser handles downloads.
Nasuni Management Console Guide 7.9
339
Console Settings Page
SSL Certificates
Deleting SSL Certificates or Certificate Requests
Tip: You cannot delete the active SSL certificate.
To delete an SSL certificate or certificate request, follow these steps:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-51: Console SSL Certificates page.
2. For the SSL certificate that you want to delete, select Delete from the Actions drop-down list
next to the name of the certificate in the list. The About to Delete Certificate dialog box
appears.
3. Click Delete Certificate. The certificate or certificate request is deleted.
Alternatively, to exit this screen without deleting a certificate, click the Cancel button.
Nasuni Management Console Guide 7.9
340
Console Settings Page
SSL Certificates
Saving SSL Certificates
Delete
To download and save an SSL certificate:
1. Click Console Settings, then click SSL Certificates in the left-hand column. The Console SSL
Certificates page displays a list of SSL certificates for the Nasuni Management Console.
Figure 10-52: Console SSL Certificates page.
2. From the Actions drop-down list next to the name of the certificate or certificate request that
you want to save, select “Save certificate as zip”. The certificate is downloaded and saved as
a zip file, in the way your browser handles downloads.
Nasuni Management Console Guide 7.9
341
Console Settings Page
Console Users and Groups
Console Users and Groups
The Nasuni Filer and the Nasuni Management Console provide role-based access control. You can
define specific access permissions for groups and users to perform actions within the Nasuni Filer and
the Nasuni Management Console user interfaces. You can define up to 150 users and 150 groups.
On the Nasuni Management Console, there is a default group, called NMC Administrators. NMC
Administrators access grants full access to all aspects of the Nasuni Management Console (super
user). The NMC Administrators group cannot be deleted.
Viewing permission groups and users
To view permission groups and users, follow these steps:
1. Click Console Settings, then select Users/Groups in the left-hand column. The Console
Users and Groups Overview page appears.
Figure 10-53: Console Users and Groups Overview page.
The information displayed includes the following:
•
Total Users: The total number of users, including Native Users and Domain Users. To view a
list of users, click the displayed value or click Manage Users.
•
Native Users: The number of native users, namely, users explicitly defined and managed
using the Nasuni Management Console. To view a list of users, click the displayed value or
click Manage Users. To add a user, see “Adding Native Users” on page 345.
Nasuni Management Console Guide 7.9
342
Console Settings Page
Console Users and Groups
•
Domain Users: The number of domain users, namely, users automatically created because
they are members of an Active Directory or LDAP Directory Services domain group
associated with a permission group. To view a list of users, click the displayed value or click
Manage Users. To add a permission group with an associated Active Directory or LDAP
Directory Services domain group, see “Adding Permission Groups” on page 350.
•
Users with Storage Access: The number of native users who are members of permission
groups that have Storage Access enabled. To view a list of users, click the displayed value
or click Manage Users. To add a permission group that has Storage Access enabled, see
“Adding Permission Groups” on page 350.
•
Total Groups: The total number of permission groups, including Groups with Domain
Associations, Groups with Storage Access, and permission groups that do not have Group
Associations or Storage Access. To view a list of permission groups, click the displayed
value or click Manage Groups.
•
Groups with Domain Associations: The number of permission groups that have Active
Directory or LDAP Directory Services domain groups associated with them. To view a list of
permission groups, click the displayed value or click Manage Groups.
•
Groups with Storage Access: The number of permission groups that have Storage Access
enabled. To view a list of permission groups, click the displayed value or click Manage
Groups.
•
Groups without Members: The number of permission groups that do not have any
members. To view a list of permission groups, click the displayed value or click Manage
Groups.
In the Filer Status area, the following properties appear for each Nasuni Filer:
•
Description: The name of each Nasuni Filer.
•
Users with Access: The users that have access to that Nasuni Filer.
•
Groups with Access: The permission groups that have access to that Nasuni Filer.
Nasuni Management Console Guide 7.9
343
Console Settings Page
Console Users and Groups
Viewing Users
You can view existing users.
To view users, follow these steps:
1. On the Console Users and Groups Overview page, click Manage Users. The Console Users
page appears.
Figure 10-54: Console Users page.
The following properties appear for each user:
•
Username: The username of the Nasuni Management Console user. You can change this
by clicking Edit
.
•
Type: The type of user: either Native or Domain. Native users are explicitly defined and
managed using the Nasuni Management Console. Domain users are automatically created
because they are members of an Active Directory or LDAP Directory Services domain group
associated with a permission group.
•
Email: The email address of the Nasuni Management Console user. Might be blank if no
email address is entered. You can change this by clicking Edit
.
•
Groups: Permission groups to which the Nasuni Management Console user belongs. You
can change this by clicking Edit
.
•
Storage Access (For Native Users only): An indication of whether Storage Access is
enabled for any of the groups that the user belongs to: Yes (if Storage Access is enabled) or
No (if Storage Access is not enabled, or if user is a Domain User).
2. To add a user, click Add Native User.
3. To link a domain user, click Add Domain User.
Nasuni Management Console Guide 7.9
344
Console Settings Page
Console Users and Groups
Adding Native Users
You can add native users, which you then assign to permission groups. For each user, you can specify
to which permission groups that user belongs.
To add a native user, follow these steps:
1. On the Console Users and Groups Overview page, click Manage Users. The Console Users
page appears.
Figure 10-55: Console Users page.
2. On the Console Users page, click Add Native User. The Add Native User dialog box appears.
Figure 10-56: Add Native User dialog box.
3. In the Username text box, enter the name for this user. The Username can have up to 30
characters, including letters, digits, and the following symbols:
@
.
+
-
_
(at symbol, period, plus sign, minus sign, underline)
4. In the Email text box, enter the email address for this user.
Nasuni Management Console Guide 7.9
345
Console Settings Page
Console Users and Groups
5. In the Password text box, enter the password for this user. Enter the same password in the
Password confirmation text box. An indicator of password strength appears. Although
password strength is not enforced, you should use strong passwords.
6. In the Groups list, for each of the groups, select or clear the check box for granting membership
to the group.
7. To accept your selections, click Add User. The user is added with membership in the selected
groups.
Alternatively, to exit the dialog box without adding a user, click Close.
Editing Users and Changing User Passwords
You can edit the features of existing users, including editing the password of existing users.
To edit a user, follow the steps in “Adding Native Users” on page 345, except click Edit
Add User. The dialog box is named Edit User.
instead of
To change a user password, in the New Password text box, enter a new password for this user. Enter
the same password in the Password confirmation text box. An indicator of password strength
appears. Although password strength is not enforced, you should use strong passwords.
Click Save User at the end. The user and his or her groups are changed.
Nasuni Management Console Guide 7.9
346
Console Settings Page
Console Users and Groups
Linking Domain Users
You can add a single Domain User, which links the Nasuni Management Console to the account
credentials for an Active Directory or LDAP Directory Services domain. For each user, you can specify
to which permission groups that user belongs.
Note: Adding a domain group allows all Active Directory or LDAP Directory Services users in
that group to access the user interface. You do not need to explicitly add those users. You
only need to add Active Directory or LDAP Directory Services users individually if you do not
want to grant access to the entire group.
Tip: If you plan to link many Domain Users, set up a Group Association with a Domain Group
in order to automatically create Domain Users upon login. See step c of “Adding Permission
Groups” on page 350.
To link a Domain User, follow these steps:
1. On the Console Users and Groups Overview page, click Manage Users. The Console Users
page appears.
Figure 10-57: Console Users page.
Nasuni Management Console Guide 7.9
347
Console Settings Page
Console Users and Groups
2. On the Console Users page, click Add Domain User. The Add Domain User dialog box
appears.
Figure 10-58: Add Domain User dialog box.
3. To link a member of an Active Directory domain group, and allow that member to use their
domain credentials to access volumes on Nasuni Filers, the exact NT-compatible name of a
user in an Active Directory domain is necessary.
In the Username text box, enter any text from the member’s NT-compatible user name, and
click Search. The Select User dialog box appears. Click Search. From the list of members that
include the search text, select the member, then click Add Selected User.
Alternatively, enter the exact NT-compatible user name in the Username text box.
4. In the Groups list, for each of the groups, select or clear the check box for granting membership
to the group.
5. To accept your selections, click Link User. The user is linked with membership in the selected
groups.
Alternatively, to exit the dialog box without linking a user, click Close.
Nasuni Management Console Guide 7.9
348
Console Settings Page
Console Users and Groups
Deleting Users
Note: You cannot delete the last user in the Filer Administrators group.
To delete a user, follow these steps:
1. On the Console Users and Groups Overview page, click Manage Users. The Console Users
page appears.
Figure 10-59: Console Users page.
2. For the user that you want to delete, click Delete
appears.
. The About to Delete User dialog box
3. Click Delete User. The user is deleted.
Alternatively, to exit the dialog box without deleting a user, click Cancel.
Nasuni Management Console Guide 7.9
349
Console Settings Page
Console Users and Groups
Viewing Permission Groups
You can view existing permission groups.
To view permission groups, follow these steps:
1. On the Console Users and Groups Overview page, click Manage Groups. The Console
Groups page appears.
Figure 10-60: Console Groups page.
The following properties appear for each permission group:
•
Group: The name of the permission group. You can change this by clicking Edit
.
•
Users: The number of users in each permission group.
•
Permissions: The permissions that each permission group has. You can change this by
clicking Edit
.
•
Special: Either Domain Group Association, Storage Access Enabled, or blank. You can
change this by clicking Edit
.
2. To add a group, click Add Group.
Adding Permission Groups
You can add permission groups to which you can assign users. For each group, you can specify
exactly which actions the users in that group have permission to perform. You can associate Active
Directory or LDAP Directory Services domain groups with a permission group. You can select which
email alerts each group receives. To configure email, see “Email Settings” on page 292.
Note: Before you associate an Active Directory domain group with a permission group, you
must join the Nasuni Management Console to the domain. See “Domain Settings (for NMCs
running versions before 7.8)” on page 313.
Nasuni Management Console Guide 7.9
350
Console Settings Page
Console Users and Groups
To add a permission group, follow these steps:
1. On the Console Users and Groups Overview page, click Manage Groups, then click Add
Group. The Add Group dialog box appears.
Figure 10-61: Add Group dialog box.
2. In the Group Name text box, enter the name for this group. The Group Name can have up to 30
characters, including letters, digits, and symbols.
3. From the Access Type drop-down list, select the type of access from the following:
•
Storage Access: To grant data access to users in this permission group.
Note: If you select Storage Access, you cannot enter a Group Association.
Nasuni Management Console Guide 7.9
351
Console Settings Page
•
Console Users and Groups
User Interface Access: This Access Type allows you to define NMC permissions, Nasuni
Filer permissions, Nasuni Filer access, and, optionally, any associations to Active Directory
or LDAP Directory Services domain groups.
a. In the NMC Permissions list, select or clear the Nasuni Management Console
permissions that you want to grant to the new group. For a full list of displayed NMC
permissions and the operational permissions that they include, see Appendix D,
“Permissions,” on page 395.
Tip: If you want this group to receive alert emails, you MUST select “Receive alert
emails”.
b. In the Filer Permissions list, select or clear the Nasuni Filer permissions that you want to
grant to the new group. For a full list of displayed Nasuni Filer permissions and the
operational permissions that they include, see Appendix D, “Permissions,” on page 395.
Warning: Users with “Perform File Restores/Access Versions” permission have
the ability to access all files on the file server.
Tip: Users with “Disconnect Users from Access Points” permission have the ability to
disconnect CIFS or NFS users individually, which is sometimes necessary when there
are locked files.
c. (Optional.) To link a domain group (Active Directory or LDAP Directory Services) to this
permission group, and allow members of that domain group to use their domain
credentials to access volumes on Nasuni Filers, the exact domain name and domain
group are necessary.
In the Group Association text box, enter any text from the domain name or the domain
group, and click Search. The Select Group dialog box appears. Click Search. From the
list of domain groups that include the search text, select the domain name and domain
group, then click Add Selected Group.
Alternatively, enter the exact domain name and domain group in the Group Association
text box.
Note: It is not necessary for a permission group to be linked to a domain group.
Note: Adding a domain group allows all users in that group to access the user
interface. You do not need to explicitly add those users. If the group membership
changes after the group is linked, the new members can still log in.
Note: If you use a Group Association, you cannot select Storage Access.
Note: The list of available domain groups are from the domains previously joined to
the Nasuni Management Console. See “Domain Settings (for NMCs running versions
before 7.8)” on page 313.
Note: Domain groups and the members of those groups always have storage access.
d. To receive alerts about all available Nasuni Filer conditions to the configured email
address, select the Receive All Alerts check box.
Tip: If you want this group to receive alert emails, you MUST select “Receive alert
emails” in step a on page 352.
Nasuni Management Console Guide 7.9
352
Console Settings Page
Console Users and Groups
e. If you do not select the Receive All Alerts check box, but you want to receive alerts about
particular Nasuni Filer conditions, in the Subscriptions area, select the particular alerts
about Nasuni Filer conditions that you want sent to the configured email account.
Tip: If you want this group to receive alert emails, you MUST select “Receive alert
emails” in step a on page 352.
The choices include the following:
•
Account Alerts: Alerts related to Nasuni.com account license issues, such as
expiration and capacity limits.
•
Appliance Alerts: Alerts that occur on the appliance.
•
Capacity Alerts: Alerts related to capacity, such as volume quotas, new quotas, and
account limits.
Note: If the licensed capacity is exceeded, you can still store more data temporarily. If
your total stored data nears or exceeds your licensed capacity, you receive warnings
to increase your licensed capacity.
Tip: To receive quota reports, you must enable Capacity Alerts.
f.
•
Conflict Alerts: Notices that merge conflicts have occurred during a sync.
•
Data Migration Alerts: Alerts triggered due to data migration.
•
General Alerts: Alerts not in the other categories.
•
Snapshot Restore Alerts: When you restore data from a snapshot, this alert notifies
you when the restore is complete.
•
Software Updates: Notices that software updates are available.
•
Violation Alerts: Alerts about antivirus violations (infections).
In the Extra Emails text box, enter one or more destination email addresses for sending
alerts to, separated by commas.
4. In the Filer Access list, select or clear the Nasuni Filers to which you want to grant access by
the new group.
5. To accept your selections, click Add Group. The group is added with the selected permissions.
Alternatively, to exit the dialog box without adding a group, click Close.
Editing Permission Groups
You can edit the features of existing groups.
To edit a permission group, follow the steps in “Adding Permission Groups” on page 350, except click
Edit
instead of Add Group. The dialog box is named Edit Group, and you click Save Group at the
end. The group and its permissions are changed.
Nasuni Management Console Guide 7.9
353
Console Settings Page
Console Users and Groups
Deleting Permission Groups
Note: You cannot delete a permission group that has users. Before deleting a permission
group with users, edit each user to remove the permission group from the user.
Note: You cannot delete the NMC Administrators group.
To delete a permission group, follow these steps:
1. On the Console Users and Groups Overview page, click Manage Groups. The Console
Groups page appears.
Figure 10-62: Console Groups page.
1. For the group that you want to delete, click Delete
The About to Delete Group dialog box appears.
2. Click Delete Group. The group is deleted.
Alternatively, to exit the dialog box without deleting a group, click Cancel.
Nasuni Management Console Guide 7.9
354
Console Settings Page
Firewall
Firewall
You can limit which network hosts may connect to the Nasuni Management Console user interface and
the Nasuni Support SSH port. This is similar to firewall protection.
Note: In addition to this protection, you can also configure separate access to shares,
exports, and FTP/SFTP directories, as detailed in “Editing shares” on page 123, “Editing
exports” on page 94, and “Editing FTP directories” on page 108.
To configure firewall protection for the Nasuni Management Console, follow these steps:
1. Click Console Settings, then select Firewall in the left-hand column. The Console Firewall
Configuration page appears.
Figure 10-63: Console Firewall Configuration page.
2. In the UI Hosts text box, enter a comma-separated list of IP addresses or subnet addresses of
hosts that you permit to access your Nasuni Management Console user interface. If the text box
is blank, any host can access your Nasuni Management Console user interface.
3. In the Support SSH Hosts text box, enter a comma-separated list of IP addresses or subnet
addresses of hosts that you permit to connect to your Nasuni Management Console’s Support
SSH port. If the text box is blank, any host can access your Nasuni Management Console’s
Support SSH port.
Note: Setting this field does not prevent the use of the Nasuni Remote Support Service,
as detailed in “Remote Support Service” on page 362.
4. Click Save Firewall Settings to save your entries.
Tip: If you configure the firewall in such a way that you cannot access the Nasuni
Management Console user interface, you can reset the firewall using the console for the
Nasuni Management Console.
Press Enter to access the Service menu. The login prompt appears. Enter the username and
password. The login username is service, and the default password is service. The
Service Menu appears.
Enter resetfirewall
The firewall resets.
Nasuni Management Console Guide 7.9
355
Console Settings Page
Networking
Networking
To configure network settings for the Nasuni Management Console, follow these steps:
1. Click Console Settings, then select Networking in the left-hand column. The Console
Network Configuration page appears.
Figure 10-64: Console Network Configuration page.
2. In the Hostname box, enter a hostname for the Nasuni Management Console. The name that
you enter is the name you provide to users so they can access the Nasuni Management
Console. You can use ASCII letters a through z, digits 0 through 9, and hyphens.
Note: The Nasuni Management Console attempts to register the hostname in the DNS
server, so that users can access this host by name.
Tip: After you change the Hostname of the NMC, you should delete the Active Directory
computer object with that Hostname.
Nasuni Management Console Guide 7.9
356
Console Settings Page
Networking
3. From the Network Type drop-down list, select one of the following:
•
DHCP (Dynamic Host Configuration Protocol): Provides a network IP address for a host on
an IP network automatically. The Network Device Settings and System Settings areas
become unavailable.
•
DHCP with custom DNS: Provides a network IP address for a host on an IP network
automatically. The Network Device Settings area becomes unavailable. Enter the following
information:
•
Enter one or more local search domains in the Search Domain text box, each separated
by a space. You must enter valid hostnames.
You can use search domains to avoid typing the complete address of domains that you
use frequently. The search domains that you enter are automatically appended to names
that you specify for purposes such as Active Directory configuration, data migration
sources, HTTPS proxy, and NTP server. For example, if you specify the search domain
“mycompany.com”, then typing “server1” for one of these purposes would connect to
“server1.mycompany.com”.
Note: There are no search domains for LDAP.
•
•
Enter the IP address for your primary DNS server in the Primary DNS server text box.
You must enter a valid hostname or IP address.
•
Enter the IP address for your secondary DNS server in the Secondary DNS server text
box (if applicable). You must enter a valid hostname or IP address.
Static: You must provide Network Device Settings and System Settings. See your IT
administrator for assistance. Enter the following information:
•
Enter the static IP address in the IP Address text box. The address of a static device
must not already be present on the network. The Nasuni Management Console verifies
this and displays an error if a collision is detected.
•
Enter a netmask address in the Netmask text box.
•
Enter a default gateway address in the Default Gateway text box.
The gateway address must match a subnet of a defined static network. If the External
traffic group is being used, the default gateway address must match that subnet exactly.
•
Enter the MTU value in the MTU Value text box. MTU settings above 1500 are
supported.
The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol data
unit that the layer can pass onwards. A larger MTU brings greater efficiency, because
each packet carries more user data, while protocol overheads, such as headers, remain
fixed; the resulting higher efficiency means a slight improvement in the bulk protocol
throughput. A larger MTU also means processing fewer packets for the same amount of
data. However, large packets can occupy a slow link for some time, causing greater
delays to following packets, and increasing lag and minimum latency.
Nasuni Management Console Guide 7.9
357
Console Settings Page
•
Networking
Enter one or more local search domains in the Search Domain text box, each separated
by a space. You must enter valid hostnames.
You can use search domains to avoid typing the complete address of domains that you
use frequently. The search domains that you enter are automatically appended to names
that you specify for purposes such as Active Directory configuration, data migration
sources, HTTPS proxy, and NTP server. For example, if you specify the search domain
“mycompany.com”, then typing “server1” for one of these purposes would connect to
“server1.mycompany.com”.
Note: There are no search domains for LDAP.
•
Enter the IP address for your primary DNS server in the Primary DNS server text box.
You must enter a valid hostname or IP address.
•
Enter the IP address for your secondary DNS server in the Secondary DNS server text
box (if applicable). You must enter a valid hostname or IP address.
4. Click Save Network Settings to save your entries.
Nasuni Management Console Guide 7.9
358
Console Settings Page
Proxy
Proxy
You can configure the Nasuni Management Console to use a proxy server, if needed. All HTTPS traffic
goes through the proxy server that you specify.
Note: When you enable or disable the HTTPS proxy, the Nasuni Management Console
cannot update any Nasuni Filer settings for about 2 minutes.
To configure the HTTPS Proxy, follow these steps:
1. Click Console Settings, then select Proxy in the left-hand column. The Console Proxy
Configuration page appears.
Figure 10-65: Console Proxy Configuration page.
2. To enable proxy support, click Proxy Support: On (enabled) or Off (disabled).
3. In the Proxy Server text box, enter the hostname or IP address of a host running an HTTPS
proxy.
4. In the Port text box, enter the port number used by the HTTPS proxy server.
5. Optionally, enter a valid username (case-sensitive) as configured by the proxy server in the User
Name text box and the password (case-sensitive) in the Password text box.
6. Optionally, in the Do Not Proxy text box, enter a list of hostnames or IP addresses not to proxy
(one per line).
7. To save your settings, click Save Proxy Settings.
Nasuni Management Console Guide 7.9
359
Console Settings Page
Software Update
Software Update
When a newer version of the Nasuni Management Console software is available, you can install the new
software.
If updates are not available, a page appears telling you there are no updates at this time.
Caution: Updating the software disconnects all users currently using the Nasuni
Management Console. The system can take several minutes to reboot. The time to
reboot can be longer if one-time upgrade operations are necessary.
Note: Nasuni does not recommend applying software updates during your normal business
hours, because this can disrupt access. Apply software updates at night or on weekends.
Tip: Review the release notes of all releases between your current release and the most
recent release.
Note: Updating the Nasuni Management Console software does not affect Nasuni Filers or
access to data.
To update to the latest release, follow these steps:
1. Click Console Settings, then select Software Update in the left-hand column. If an update is
available, the Software Update Available page appears.
Figure 10-66: Software Update Available page.
2. To review the release notes, click the hyperlink “Release Notes are available“.
Note: Some software updates can take longer to apply than others. Refer to the release
notes before applying the update.
3. To confirm that you want to update the software, enter a Username (case-sensitive) and
Password (case-sensitive) that has permission to perform this operation.
4. Click Update Console Software. The Nasuni Management Console downloads software
updates and reboots the system.
Tip: To avoid any performance issues when updates occur, clear your browser’s cache.
Nasuni Management Console Guide 7.9
360
Console Settings Page
Software Update
5. After the reboot completes, re-log in to the Nasuni Management Console with your username
(case-sensitive) and password (case-sensitive).
Nasuni Management Console Guide 7.9
361
Console Settings Page
Remote Support Service
Remote Support Service
You can view and edit Remote Support Service settings.
The Remote Support Service allows authorized Nasuni Technical Support personnel to remotely and
securely access your Nasuni Management Console. This can help Nasuni Technical Support to
diagnose and resolve any issues with your Nasuni Management Console quickly and proactively. No
changes to your corporate firewalls are necessary.
This service is disabled by default and is strictly opt-in. You can enable or disable this service at any
time. You can also enable this service for a specific period of time. Enabling this service allows Nasuni
to offer a higher level of service and support.
Tip: If you need technical assistance, contact Nasuni Technical Support and inform them if
you have enabled Remote Support Service.
You receive a notification whenever the Remote Support Service is enabled or disabled.
Enabling and disabling Remote Support Service
To enable or disable the Remote Support Service, follow these steps:
1. Click Console Settings, then select Remote Support in the left-hand column. The Remote
Support Service page appears.
Figure 10-67: Remote Support Service page.
2. To enable the Remote Support Service, click Enable Remote Support. Selecting On enables
the Remote Support Service.
3. If Enable Remote Support is On, the Timeout text box becomes available. Enter the length of
time, in minutes, that you want to permit the Remote Support Service access to be enabled.
Enter 0 (zero) to allow access for an indefinite amount of time.
Click Enable Remote Support. The Remote Support Service settings are changed. If you
enable the Remote Support Service with a nonzero Timeout time, a countdown begins.
4. If the Remote Support Service is enabled, to disable the Remote Support Service, click Disable
Remote Support. The Remote Support Service settings are changed.
Nasuni Management Console Guide 7.9
362
Console Settings Page
Send Diagnostics
Send Diagnostics
If you experience problems that you cannot resolve, you can send diagnostic information to Nasuni
Technical Support for troubleshooting purposes.
Note: Local diagnostic information is automatically sent when needed, so there is typically no
need to do this, unless instructed by Nasuni Technical Support. Using Send Diagnostics
includes more information than the automatic diagnostic information.
To send diagnostic information, follow these steps:
1. Click Console Settings, then select Send Diagnostics from the menu. The Send Diagnostic
Information to Nasuni page appears.
Figure 10-68: Send Diagnostics page.
2. To confirm that you want to send diagnostics, enter a Username (case-sensitive) and
Password (case-sensitive) that has permission to perform this operation.
3. Click Send Diagnostics. Diagnostic information is sent to Nasuni and the informational
notification “Successfully sent alerts to nasuni.com support team” is sent.
Nasuni Management Console Guide 7.9
363
Chapter 11: Notifications
Notifications are Nasuni Management Console messages.
You might receive the following types of notifications:
•
Info: The system has performed an action, or has changed its state, in such a way that the user
might be interested, but that does not require action or attention.
•
Warning: Something unusual has happened, but the user need not take action.
•
Error: Something unusual or incorrect has occurred, and the user should take notice and try to
resolve the situation, if possible. Errors generate email messages to the user, if the user has set
up email. See “Email Settings” on page 292 for details.
•
Alert: Something unusual or incorrect has occurred, and the user should take notice and try to
resolve the situation, if possible, or contact Nasuni for assistance, if necessary. Alerts generate
emails to the user, if the user has set up email. For details, see “Email Settings” on page 292.
Examples of alert notifications are:
•
Software update available.
•
Account issues.
•
Local cache issues.
•
Evaluation period expired.
Nasuni Management Console Guide 7.9
364
Notifications
Viewing Notifications
Viewing Notifications
Urgent notifications that require acknowledgment appear on the Notifications pane. You can view and
filter all notifications using the Notifications page.
To view notifications, follow these steps:
1. Click the megaphone-shaped Notifications icon at the top right of any page. The Notifications
pane appears.
Figure 11-1: Notifications pane.
Urgent notifications that require acknowledgment appear on the Notifications pane, based on
the state of your system. A number to the right of a notification indicates multiple occurrences of
the same notification. You can acknowledge a notification by clicking the x. To acknowledge all
the urgent notifications, click Acknowledge All.
2. Click View all Notifications. The Notifications page displays a list of notifications.
Figure 11-2: Notifications page.
Nasuni Management Console Guide 7.9
365
Notifications
Viewing Notifications
The following information appears for each notification in the list:
•
Severity: The severity of the notification, including Info, Warning, Alert, and Error. For details
on the definitions of these notifications, see page 364.
•
Date: The date and time of the notification.
•
Origin: The Nasuni Filer that the notification occurred on.
•
Message: The text of the notification.
Note: It can take up to 10 minutes for the notifications of a managed Nasuni Filer to
appear on the Notifications page of the Nasuni Management Console.
Acknowledged notifications display a checkmark to the right of their severity.
At the top of the list is a count of the number of entries shown and the total number of entries.
3. You can select whether to view acknowledged notifications, unacknowledged notifications, or
all notifications, as follows:
•
All: To view all notifications, including acknowledged notifications, select All. All
notifications are listed.
•
No: To view only notifications that have not been acknowledged, select No. Only
unacknowledged notifications are listed.
•
Yes: To view only acknowledged notifications, select Yes. Only acknowledged notifications
are listed.
4. To include Alert notifications, select Alert.
5. To include Error notifications, select Error.
6. To include Warning notifications, select Warning.
7. To include Info notifications, select Info.
Tip: Info notifications can safely be ignored.
8. To automatically refresh the Notifications page, select Enable Auto Refresh.
9. To move to the next page of notifications (if any), click the right arrow at the top of the page.
10. To move to the previous page of notifications (if any), click the left arrow at the top of the page.
11. To download notifications as a CSV file, click Download CSV.
Filtering the Display
Using the Filter text box, you can limit the display to items that match the criteria that you enter. See
“Filtering Displays” on page 394 for details. On this screen, the following field names are available:
•
priority: Matches values in the Severity field.
•
filer: Matches values in the Origin field.
•
message: Matches values in the Message field.
Note: If there are many notifications, it might take a little time to display the filtered
results.
Nasuni Management Console Guide 7.9
366
Notifications
Acknowledging Notifications
Acknowledging Notifications
You can acknowledge notifications.
Acknowledging notifications marks them as read, but leaves them in place for further use. By contrast,
deleting notifications removes them entirely. When you acknowledge notifications, you are no longer
prompted to view them.
To acknowledge notifications, follow these steps:
1. List and filter notifications as described in “Viewing Notifications” on page 365.
2. Select the notifications that you want to acknowledge.
To select all notifications on the page, select the check box to the left of the Severity heading. If
there is more than one page of notifications, a message appears detailing how many
notifications are selected and the total number of notifications matching the current criteria.
Figure 11-3: Selected Notifications message.
To select all the notifications matching the current criteria, click the Select all message.
To clear the selection, click Clear selection.
3. Click Acknowledge. The Acknowledge Notifications dialog box appears.
Figure 11-4: Acknowledge Notifications dialog box.
4. Click Acknowledge Notifications. The selected notifications are acknowledged.
Alternatively, to exit this screen without acknowledging any notifications, click the Close button.
Deleting Notifications
You can delete notifications.
Deleting notifications removes them from the list entirely. When you delete notifications, you are no
longer prompted to view them.
Tip: There are often many notifications such as “Snapshot not needed”, “Antivirus scan
started”, “Updated the Nasuni Filer product license key”, and “Snapshot for volume ... has
been scheduled”. Unless the Nasuni Management Console is experiencing problems in these
areas, you can usually delete all notifications of this kind.
To delete notifications, follow these steps:
1. List and filter notifications as described in “Viewing Notifications” on page 365.
Nasuni Management Console Guide 7.9
367
Notifications
Downloading Notifications
2. Select the notifications that you want to delete:
To select all notifications on the page, select the check box to the left of the Severity heading. If
there is more than one page of notifications, a message appears detailing how many
notifications are selected and the total number of notifications matching the current criteria.
Figure 11-5: Selected Notifications message.
To select all the notifications matching the current criteria, click the Select all message.
To clear the selection, click Clear selection.
3. Click Delete
. The Delete Notifications dialog box appears.
Figure 11-6: Delete Notifications dialog box.
4. Click Delete Notifications. The selected notifications are deleted from the list.
Alternatively, to exit this screen without deleting any notifications, click the Close button.
Downloading Notifications
Download
You can download notifications to a comma-separated values (CSV) file for further analysis or retention.
To download notifications as a CSV file, on the Notifications page, click Download CSV. The
notifications are downloaded and saved as a CSV file, according to the configuration of your browser.
Nasuni Management Console Guide 7.9
368
Chapter 12: Disaster Recovery
There are a number of reasons for performing a disaster recovery:
•
Hardware failures.
•
Software failures.
•
Power outages.
•
Human error.
•
Changing storage platforms.
•
Moving data around the world.
•
True natural disaster.
Performing a disaster recovery procedure on the Nasuni Management Console does not affect any of
your Nasuni Filers or access to your data.
Recovering the Nasuni Management Console
This section explains how to recover the Nasuni Management Console in the event of a disaster.
Note: Downloading and executing the installation program for the virtual appliance is
contingent upon the virtual platform you are using.
To recover the Nasuni Management Console, follow these steps:
1. Safeguard at least one of the encryption keys for the Nasuni Management Console. See
“Encryption Keys” on page 322.
2. Obtain the serial number and authorization code for the Nasuni Management Console. You use
these in step 10. If you have the credentials to log in to your Nasuni.com account (https://
account.nasuni.com/account/login/), you can obtain the serial number and authorization code
there. If you don’t have these credentials, obtain the serial number and authorization code from
the person who has the credentials.
3. Download the Nasuni Management Console software appropriate for your platform. Regardless
of which version of the Nasuni Management Console software that you used originally, you can
download the latest version. For details, see “Downloading the Nasuni Management Console
Software” on page 16.
Note: You can perform the disaster recovery process to the same version of the software
that you were running, or to a newer version than you were running, but not to an older
version.
Nasuni Management Console Guide 7.9
369
Disaster Recovery
Recovering the Nasuni Management Console
4. Install the Nasuni Management Console software for your platform.
5. After you obtain the initial IP address, open the specific URL to continue. The Install Wizard —
Network Configuration page appears.
Figure 12-1: Install Wizard — Network Configuration page.
a. In the Hostname box, a default hostname for the Nasuni Management Console appears. You
can accept the default hostname or change it to a customized hostname. The name that you
enter is the name you provide to users so they can access the Nasuni Management Console.
You can use ASCII letters a through z, digits 0 through 9, and hyphens.
Note: The Nasuni Management Console attempts to register the hostname in the
DNS server, so that users can access this host by name.
To change this name later, see “Networking” on page 356.
Nasuni Management Console Guide 7.9
370
Disaster Recovery
Recovering the Nasuni Management Console
b. From the Network Type drop-down list, select either Static or DHCP.
If you select DHCP (Dynamic Host Configuration Protocol), the IP Address, Netmask,
Default Gateway, and MTU Value fields become unavailable.
If you select Static, you must provide Network Device Settings and System Settings. See
your IT administrator for assistance.
If you select Static as a source, enter the following information:
•
Enter the static IP address in the IP Address text box.
•
Enter a netmask address in the Netmask text box.
•
Enter a default gateway address in the Default Gateway text box.
The gateway address must match a subnet of a defined static network.
•
Enter the MTU value in the MTU Value text box. MTU settings above 1500 are
supported.
The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol data
unit that the layer can pass onwards. A larger MTU brings greater efficiency, because
each packet carries more user data while protocol overheads, such as headers, remain
fixed; the resulting higher efficiency means a slight improvement in the bulk protocol
throughput. A larger MTU also means processing fewer packets for the same amount of
data. However, large packets can occupy a slow link for some time, causing greater
delays to following packets, and increasing lag and minimum latency.
c. In the System Settings area:
If you selected DHCP (Dynamic Host Configuration Protocol), the Search Domain, Primary
DNS Server, and Secondary DNS Server fields become unavailable.
If you select Static as a source, enter the following information:
•
Enter one or more local search domains in the Search Domain text box. If you enter
multiple search domains, make sure you include a space between each entry. You must
enter valid hostnames.
You can use search domains to avoid typing the complete address of domains that you
use frequently. The search domains that you enter are automatically appended to names
that you specify for purposes such as Active Directory configuration, data migration
sources, HTTPS proxy, and NTP server. For example, if you specify the search domain
“mycompany.com”, then typing “server1” for one of these purposes would connect to
“server1.mycompany.com”.
Note: There are no search domains for LDAP.
•
Enter the IP address for your primary DNS server in the Primary DNS server text box.
You must enter a valid hostname or IP address.
•
Enter the IP address for your secondary DNS server in the Secondary DNS server text
box (if applicable). You must enter a valid hostname or IP address.
d. Click Continue to proceed.
Nasuni Management Console Guide 7.9
371
Disaster Recovery
Recovering the Nasuni Management Console
6. The Install Wizard — Proxy Network Configuration page appears.
Figure 12-2: Install Wizard — Proxy Network Configuration page.
a. To enable proxy support, click Proxy Support: On (enabled) or Off (disabled).
b. In the Proxy Server text box, enter the hostname or IP address of a host running an HTTPS
proxy.
c. In the Port text box, enter the port number used by the HTTPS proxy server.
d. Optionally, enter a valid username (case-sensitive) as configured by the proxy server in the
User Name text box and the password (case-sensitive) in the Password text box.
e. Optionally, in the Do Not Proxy text box, enter a list of hostnames or IP addresses not to
proxy (one per line).
f.
Click Continue. To return to the previous page to change parameters, click Back.
Nasuni Management Console Guide 7.9
372
Disaster Recovery
Recovering the Nasuni Management Console
7. The Install Wizard — Review Network Settings page appears.
Figure 12-3: Install Wizard — Review Network Settings page.
To accept the network settings, click Continue. return to the previous page to change
parameters, click Back.
8. The Reconfiguring Network Settings page appears.
Figure 12-4: Configuring Network Settings page.
Nasuni Management Console Guide 7.9
373
Disaster Recovery
Recovering the Nasuni Management Console
9. The Install Wizard — Terms of Service and License Agreement page appears.
Figure 12-5: Install Wizard — Terms of Service and License Agreement page.
You can print or download a copy of the Terms of Service and License Agreement by clicking
the appropriate icon.
Select “I accept the Terms of Service”, then click Continue.
Nasuni Management Console Guide 7.9
374
Disaster Recovery
Recovering the Nasuni Management Console
10. The Install Wizard — Authorization page appears.
Figure 12-6: Install Wizard — Authorization page.
Enter the NMC Serial Number and Authorization code, found under the Account section of
www.nasuni.com. Click Continue to proceed.
11. The Install Wizard — Confirm NMC Recovery page appears.
Figure 12-7: Install Wizard — Confirm NMC Recovery page.
Note: If the “Confirm New NMC” page appears instead of the “Confirm NMC Recovery”
page, contact Nasuni Technical Support.
Enter “Perform Disaster Recovery” in the Confirmation text box, then click Continue to
proceed.
Nasuni Management Console Guide 7.9
375
Disaster Recovery
Recovering the Nasuni Management Console
12. The Install Wizard — Disaster Recovery page appears.
Figure 12-8: Install Wizard — Disaster Recovery page.
If you escrowed your encryption keys with Nasuni, and do not have your encryption keys, and
you need Nasuni to de-escrow your encryption keys, select Yes from the drop-down list.
Contact Nasuni to receive your Recovery Key, then enter your Recovery Key and click
Continue.
Note: Only one encryption key is required for this procedure.
Important: If you have previously escrowed your encryption keys with Nasuni, and you
use these escrowed encryption keys as part of the disaster recovery process, you MUST
re-escrow those encryption keys with Nasuni if you want those encryption keys to
continue to be escrowed with Nasuni. After the disaster recovery is complete, the Nasuni
Filer treats all encryption keys as if they were not created by this Nasuni Filer. For details,
see, “Escrowing Encryption Keys with Nasuni” on page 212.
Otherwise, select No from the drop-down list, then click Continue.
Nasuni Management Console Guide 7.9
376
Disaster Recovery
Recovering the Nasuni Management Console
13. If you selected No, the Install Wizard — Upload Encryption Keys page appears.
Figure 12-9: Install Wizard — Upload Encryption Keys page.
Click Choose File to navigate to your encryption key file, enter the Key Passphrase if
necessary, then click Upload Key(s).
All uploaded encryption keys should be at least 2048 bits long.
Important: It is possible that not all encryption keys are uploaded as part of the disaster
recovery. After the disaster recovery process is complete, the Encryption Keys page
indicates which encryption keys were not uploaded. Uploading these encryption keys is
optional.
Figure 12-10: Encryption Keys page.
Nasuni Management Console Guide 7.9
377
Disaster Recovery
Recovering the Nasuni Management Console
14. The Install Wizard - About to Recover page appears.
Figure 12-11: Install Wizard - About to Recover page.
Click Continue. Disaster recovery of the Nasuni Management Console begins.
15. After recovery, the Install Wizard - Recovery Complete page appears.
Figure 12-12: Install Wizard - Recovery Complete page.
Nasuni Management Console Guide 7.9
378
Disaster Recovery
Recovering the Nasuni Management Console
16. The Install Wizard — Create Admin User page appears.
Figure 12-13: Install Wizard — Create Admin User page.
Create a Username (case-sensitive) and a Password (case-sensitive) for the administration of
this Nasuni Management Console. An indicator of password strength appears. Although
password strength is not enforced, you should use strong passwords. Click Continue.
17. The Rebooting page appears.
Figure 12-14: Rebooting page.
It can take several minutes for this process to complete.
Nasuni Management Console Guide 7.9
379
Disaster Recovery
Recovering the Nasuni Management Console
18. The Login page appears.
Figure 12-15: Login page.
Log in to the Nasuni Management Console with your Username (case-sensitive) and Password
(case-sensitive). Click Log in.
Nasuni Management Console Guide 7.9
380
Disaster Recovery
Recovering the Nasuni Management Console
19. The Nasuni Management Console Home page appears.
Figure 12-16: Nasuni Management Console Home page.
A message appears confirming that the recovery process is complete.
Important: After the disaster recovery, it might be necessary to reconfigure the firewall,
networking, proxy, and time server settings.
Nasuni Management Console Guide 7.9
381
Appendix A: Console Commands
Overview
You can change network settings, such as the IP address of the Nasuni Management Console, using
commands on the console. You might want to change the IP address if, for example, you do not want
to use the initial default IP address or if the current IP address is not valid. Also, if you make an entry
error when setting network parameters, you can correct it using the IP address configuration
commands in this section.
Using console commands
Console commands enable you to obtain information about the network configuration, and modify
values of the network configuration.
To access console commands, follow these steps:
1. Access the console for the Nasuni Management Console. For the Nasuni Management Console
virtual machine, use the virtual machine console window. The console prompt appears.
Figure A-1: Console prompt.
Nasuni Management Console Guide 7.9
382
Console Commands
Using console commands
2. Press Enter to access the Service menu. The login prompt appears. Enter the username and
password. The login username is service, and the default password is service. The Service
Menu appears.
Figure A-2: Service Menu.
Note: For security, use the changepassword command to change the password for the
service console.
3. To see a list of available commands, enter help at the prompt. To see details about each
command, enter help <command>.
Figure A-3: List of available commands.
4. To access commands to change the network configuration, enter editnetwork at the prompt.
The network prompt appears.
Figure A-4: Network prompt.
5. To see a list of available editnetwork commands, enter help at the prompt. To see details about
each editnetwork command, enter help <command>.
Figure A-5: List of available editnetwork commands.
6. To exit the editnetwork commands, enter close.
7. To exit the console commands, enter quit.
Important: After making any network changes, you must use the Nasuni Management
Console to enter those settings so that the Nasuni Management Console is consistent
with the platform. This applies to all network changes.
Nasuni Management Console Guide 7.9
383
Console Commands
Changing device and network parameters
Changing device and network parameters
You can use console commands to change network device and system parameters such as the
network device IP address, netmask, and MTU, as well as the system hostname, default gateway, DNS
servers, and search domains.
Important: After making any network changes, you must use the Nasuni Management
Console to enter those settings so that the Nasuni Management Console is consistent with
the platform. This applies to all changes.
To change device and network parameters at the console, follow these steps:
1. Access the console for the Nasuni Management Console. For the Nasuni Management Console
virtual machine, use the virtual machine console window. The console prompt appears.
Figure A-6: Console prompt.
2. Press Enter to access the Service menu. The login prompt appears. Enter the username and
password. The login username is service, and the default password is service. The Service
Menu appears.
Figure A-7: Service Menu.
3. Enter editnetwork at the prompt. The network prompt appears.
Figure A-8: Network prompt.
Nasuni Management Console Guide 7.9
384
Console Commands
Changing device and network parameters
4. To use DHCP settings for the device and the system, enter the following command:
setall dhcp
Press Enter. The setall dhcp command runs:
Figure A-9: setall dhcp command.
The device and the system use DHCP settings. Continue with step 15 on page 386.
5. To use static settings for the device and the system, enter the following command:
setall static
Press Enter. The setall static command runs:
Figure A-10: setall static command.
6. To change the IP address, enter a new IP address and press Enter. To leave the current IP
address unchanged, press Enter.
7. To change the netmask, enter a netmask and press Enter. To leave the current netmask
unchanged, press Enter.
Nasuni Management Console Guide 7.9
385
Console Commands
Changing device and network parameters
8. To change the MTU, enter an MTU and press Enter. To leave the current MTU unchanged,
press Enter.
The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol data unit that
the layer can pass onwards. A larger MTU brings greater efficiency, because each packet
carries more user data while protocol overheads, such as headers, remain fixed; the resulting
higher efficiency means a slight improvement in the bulk protocol throughput. A larger MTU also
means processing fewer packets for the same amount of data. However, large packets can
occupy a slow link for some time, causing greater delays to following packets, and increasing
lag and minimum latency.
9. To change any of the above values, enter yes. Use step 6, step 7, and step 8 to change the
values.
Alternatively, to leave values unchanged, enter No or press Enter.
10. To change the hostname, enter a new hostname and press Enter. To leave the current
hostname unchanged, press Enter.
11. To change the default gateway, enter a default gateway and press Enter. To leave the current
default gateway unchanged, press Enter.
12. To change the DNS server, enter one or two DNS servers separated by spaces and press Enter.
To leave the current DNS server unchanged, press Enter.
13. To change the search domain, enter one or more search domains separated by spaces and
press Enter. To leave the current search domain unchanged, press Enter.
14. To change any of the above values, enter yes. Use step 10, step 11, step 12, and step 13 to
change the values.
Alternatively, to leave values unchanged, enter No.
15. To save your values, enter save.
16. To exit the editnetwork commands, enter close.
17. To exit the console commands, enter quit.
18. On the Nasuni Management Console, enter any changed settings so that the Nasuni
Management Console is consistent with the platform.
Nasuni Management Console Guide 7.9
386
Console Commands
Changing static IP address and other network parameters
Changing static IP address and other network parameters
You can use console commands to change network parameters such as the static IP address,
netmask, MTU, hostname, default gateway, DNS servers, and search domains.
Important: After making any network changes, you must use the Nasuni Management
Console to enter those settings so that the Nasuni Management Console is consistent with
the platform. This applies to all network changes.
To change the static IP address and other network parameters at the console, follow these steps:
1. Access the console for the Nasuni Management Console. For the Nasuni Management Console
virtual machine, use the virtual machine console window. The console prompt appears.
Figure A-11: Console prompt.
2. Press Enter to access the Service menu. The login prompt appears. Enter the username and
password. The login username is service, and the default password is service. The Service
Menu appears.
Figure A-12: Service Menu.
3. Enter editnetwork at the prompt. The network prompt appears.
Figure A-13: Network prompt.
Nasuni Management Console Guide 7.9
387
Console Commands
Changing static IP address and other network parameters
4. Enter the following command:
setaddr static
Press Enter. The setaddr static command runs:
Figure A-14: setaddr static command.
5. To change the IP address, enter a new IP address and press Enter. To leave the current IP
address unchanged, press Enter.
6. To change the netmask, enter a netmask and press Enter. To leave the current netmask
unchanged, press Enter.
7. To change the MTU, enter an MTU and press Enter. To leave the current MTU unchanged,
press Enter.
The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol data unit that
the layer can pass onwards. A larger MTU brings greater efficiency, because each packet
carries more user data while protocol overheads, such as headers, remain fixed; the resulting
higher efficiency means a slight improvement in the bulk protocol throughput. A larger MTU also
means processing fewer packets for the same amount of data. However, large packets can
occupy a slow link for some time, causing greater delays to following packets, and increasing
lag and minimum latency.
8. To change values, enter yes. The entered values are changed.
Alternatively, to leave values unchanged, enter No.
9. Enter the following command:
setsystem static
Press Enter. The setsystem static command runs:
Figure A-15: setsystem static command.
Nasuni Management Console Guide 7.9
388
Console Commands
Changing static IP address and other network parameters
10. To change the hostname, enter a new hostname and press Enter. To leave the current
hostname unchanged, press Enter.
11. To change the default gateway, enter a default gateway and press Enter. To leave the current
default gateway unchanged, press Enter.
12. To change the DNS server, enter one or two DNS servers separated by spaces and press Enter.
To leave the current DNS server unchanged, press Enter.
13. To change the search domain, enter one or more search domains separated by spaces and
press Enter. To leave the current search domain unchanged, press Enter.
14. To change values, enter yes. The entered values are changed.
Alternatively, to leave values unchanged, enter No.
15. To save your network parameter values, enter save.
16. To exit the editnetwork commands, enter close.
17. To exit the console commands, enter quit.
18. On the Nasuni Management Console, enter any changed settings so that the Nasuni
Management Console is consistent with the platform.
Nasuni Management Console Guide 7.9
389
Console Commands
Enabling DHCP Networking
Enabling DHCP Networking
Important: After making any network changes, you must use the Nasuni Management
Console to enter those settings so that the Nasuni Management Console is consistent with
the platform. This applies to all network changes.
To enable DHCP networking, follow these steps:
1. Access the console for the Nasuni Management Console. For the Nasuni Management Console
virtual machine, use the virtual machine console window. The console prompt appears.
Figure A-16: Console prompt.
2. Press Enter to access the Service menu. The login prompt appears. Enter the username and
password. The login username is service, and the default password is service. The Service
Menu appears.
Figure A-17: Service Menu.
3. Enter editnetwork at the prompt. The network prompt appears.
Figure A-18: Network prompt.
4. Enter the following command:
setaddr dhcp
Press Enter. The setaddr dhcp command runs.
5. Enter yes to enable DHCP networking.
Nasuni Management Console Guide 7.9
390
Console Commands
Enabling DHCP Networking
6. To exit the editnetwork commands, enter close.
7. To exit the console commands, enter quit.
8. On the Nasuni Management Console, enter any changed settings so that the Nasuni
Management Console is consistent with the platform.
Nasuni Management Console Guide 7.9
391
Console Commands
Enabling DHCP Networking
Viewing the MAC Address
You can also use console commands to view the MAC address.
To view the MAC address, follow these steps:
1. Access the console for the Nasuni Management Console. The console prompt appears.
Figure A-19: Console prompt.
2. Press Enter to access the Service menu. The login prompt appears. Enter the username and
password. The login username is service, and the default password is service. The Service
Menu appears.
Figure A-20: Service Menu.
3. Enter the following command:
showmac
4. Press Enter. The showmac command runs.
Figure A-21: showmac command.
You can view the MAC address for each network interface card.
5. To exit the console commands, enter quit.
Nasuni Management Console Guide 7.9
392
Appendix B: Nasuni Terms of Service and License
Agreement
Nasuni Corporation
The Terms of Service and License Agreement for the Nasuni Filer is located at:
http://www.nasuni.com/legal/terms_of_service
Nasuni Management Console Guide 7.9
393
Appendix C: Filtering Displays
Filtering the Display
On some pages, you can limit the display to items that match the criteria that you enter. In the Filter
text box, type the criteria, then click Apply Filter. Here are guidelines for using the Filter text box:
•
Use spaces to separate criteria. The filter matches ALL of the criteria entered.
•
You can enter letters and numerals, not case-sensitive.
•
You can enter the following special ASCII symbols:
! @ $ % ^ (caret) * = ( ) [ ] { } < > / ?
| (vertical bar) _ (underscore) ‘ (accent) ~ (tilde) : (colon) , (comma) . (period)
•
Do not use the following ASCII symbols to filter:
# & + ; (semicolon) ‘ (single quote) “ (double quote)
•
You can enter a lowercase field name, followed by a colon, followed by a value. The field names
vary depending on the screen.
•
You can enter a lowercase condition, followed by a colon, followed by a Boolean value. The
conditions vary depending on the screen.
•
You can enter a minus sign (-) to negate any criterion.
Examples:
files
Matches any item that contains “files” in any field.
f!|@$
Matches any item that contains “f!|@$” in any field.
volume:files
readonly:true
Matches any item that contains “files” in the Volume field.
Matches any item that has Read Only enabled.
volume:files readonly:true
AND that has Read Only enabled.
-readonly:true
Matches any item that contains “files” in the Volume field
Matches any item that DOES NOT have Read Only enabled.
Nasuni Management Console Guide 7.9
394
Appendix D: Permissions
Nasuni Filer and NMC Permissions
This Appendix shows the displayed permissions and the operational permissions that they include. To
set permissions, see “Adding Permission Groups” on page 350 and “Editing Permission Groups” on
page 353.
For the Nasuni Management Console, the available displayed permissions include the following
operational permissions:
NMC Displayed Permission
Operational Permissions Included
Manage all aspects of NMC (super user)
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage Automatic Updates
Manage updating NMC
Nasuni Management Console Guide 7.9
all pending messages for Nasuni Filer
refresh for Nasuni Filer
NMC account status
NMC description
NMC diagnostic settings
NMC email settings
NMC encryption keys
NMC network settings
NMC notifications
NMC license refresh
NMC remote support
NMC session
NMC shutdown
NMC SMB settings
NMC SNMP settings
NMC software updates
NMC SSL settings
NMC time settings
updating NMC
NMC users and groups
NMC notifications only
395
Nasuni Filer and NMC Permissions
NMC Displayed Permission (Continued)
Operational Permissions Included (Continued)
Manage Network Settings
Manage NMC network settings
Manage NMC SNMP settings
Manage NMC time settings
Manage Notifications
Manage NMC email settings
Manage NMC notifications
Manage NMC notifications only
Manage Security Settings
Manage
Manage
Manage
Manage
Shutdown or Reboot NMC
Manage NMC shutdown
Nasuni Management Console Guide 7.9
NMC
NMC
NMC
NMC
encryption keys
session
SMB settings
SSL settings
396
Nasuni Filer and NMC Permissions
For the Nasuni Filer, the available displayed permissions include the following operational permissions:
Nasuni Filer Displayed Permission
Manage all aspects of the Filer (super user)
Nasuni Management Console Guide 7.9
Operational Permissions Included
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
all pending messages for Nasuni Filer
API keys
branding
cache jobs
cache settings
CIFS client page
CIFS client settings
connection status settings
credential settings
data migration settings
description
diagnostic settings
encryption keys
File System Browser
FTP client page
FTP settings
global locking settings
hardware settings
iSCSI settings
Mobile Access
network settings
NFS settings
NMC encryption keys
NMC notifications
notifications
Quality of Service settings
quotas
refresh license settings
remote support settings
shared links
shutdown settings
Side Load settings
SNMP settings
SSL settings
taking volume snapshot
time configuration
update settings
volume antivirus settings
volume audit settings
volume Auto Cache settings
397
Nasuni Filer and NMC Permissions
Nasuni Filer Displayed Permission (Continued)
Operational Permissions Included (Continued)
Manage all aspects of the Filer (super user)
(continued)
Manage volume cloud I/O settings
Manage volume creation settings
Manage volume deletion settings
Manage volume download settings
Manage volume encryption keys
Manage volume exports
Manage volume file alerts
Manage volume FTP directories
Manage volume global lock settings
Manage volume iSCSI settings
Manage volume name
Manage volume pinning
Manage volume protocols
Manage volume quotas
Manage volume remote access settings
Manage volume restore settings
Manage volume shares
Manage volume snapshot access
Manage volume snapshot retention
Manage volume snapshot schedule
Manage volume sync schedule
View heuristic page
Add and Delete Volumes
Manage volume creation settings
Manage volume deletion settings
Disconnect Users from Access Points
Manage connection status settings
Manage Antivirus Service
Manage volume antivirus settings
Manage Data Migration Service
Manage data migration settings
Manage File System Browser
Manage File Alerts Service
Manage volume file alerts
Manage Folder Quotas
Manage quotas
Manage File System Browser
Manage volume quotas
Nasuni Management Console Guide 7.9
398
Nasuni Filer and NMC Permissions
Nasuni Filer Displayed Permission (Continued)
Operational Permissions Included (Continued)
Manage Multi Site Settings/Connections
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
SSL settings
volume antivirus settings
volume exports
volume file alerts
volume FTP directories
volume iSCSI settings
volume name
volume pinning
volume protocols
volume remote access settings
volume shares
volume snapshot access
volume snapshot schedule
volume sync schedule
Manage Network Settings
Manage
Manage
Manage
Manage
network settings
Quality of Service settings
SNMP settings
time configuration
Manage Notifications
Manage NMC notifications
Manage notifications
Manage Security/Encryption Keys
Manage
Manage
Manage
Manage
Manage
encryption keys
Mobile Access
NMC encryption keys
SSL settings
volume encryption keys
Manage Shares, Exports, FTP and iSCSI
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
CIFS client page
connection status settings
File System Browser
FTP settings
iSCSI settings
NFS settings
time configuration
volume exports
volume FTP directories
volume iSCSI settings
volume shares
Manage Volume Auditing Settings
Manage volume audit settings
Nasuni Management Console Guide 7.9
399
Nasuni Filer and NMC Permissions
Nasuni Filer Displayed Permission (Continued)
Operational Permissions Included (Continued)
Manage Volume Security Settings
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
encryption keys
NMC encryption keys
volume antivirus settings
volume encryption keys
volume exports
volume file alerts
volume FTP directories
volume shares
Manage Volume Settings (Can't add/
delete)
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
Manage
File System Browser
quotas
taking volume snapshot
volume antivirus settings
volume audit settings
volume Auto Cache settings
volume cloud I/O settings
volume download settings
volume encryption keys
volume exports
volume file alerts
volume FTP directories
volume global lock settings
volume iSCSI settings
volume name
volume pinning
volume protocols
volume quotas
volume remote access settings
volume shares
volume snapshot access
volume snapshot retention
volume snapshot schedule
volume sync schedule
Nasuni Management Console Guide 7.9
400
Nasuni Filer and NMC Permissions
Nasuni Filer Displayed Permission (Continued)
Operational Permissions Included (Continued)
Manage all aspects of Volumes
Manage File System Browser
Manage quotas
Manage taking volume snapshot
Manage volume antivirus settings
Manage volume audit settings
Manage volume Auto Cache settings Manage
volume cloud I/O settings
Manage volume creation settings
Manage volume deletion settings
Manage volume download settings
Manage volume encryption keys
Manage volume exports
Manage volume file alerts
Manage volume FTP directories
Manage volume global lock settings
Manage volume iSCSI settings
Manage volume name
Manage volume pinning
Manage volume protocols
Manage volume quotas
Manage volume remote access settings
Manage volume shares
Manage volume snapshot access
Manage volume snapshot retention
Manage volume snapshot schedule
Manage volume sync schedule
Manage/Apply Filer Updates
Manage update settings
Modify Snapshot Retention
Manage volume snapshot access
Manage volume snapshot retention
Manage volume snapshot schedule
Perform File Restores/Access Versions
Manage volume Auto Cache settings
Manage File System Browser
Manage volume restore settings
Shutdown or Reboot the Filer
Manage shutdown settings
Nasuni Management Console Guide 7.9
401
Appendix E: Glossary
The following terms are useful in understanding the Nasuni Filer.
A
Access Control List (ACL)
An access control list (ACL) is a list of permissions attached to an object. An ACL specifies which users
or system processes are granted access to objects, as well as what operations are allowed on given
objects.
Active Directory (AD)
Microsoft Active Directory (AD) is a directory service for Windows domain networks. It is part of most
Windows Server operating systems. Microsoft Active Directory enables administrators to assign
policies, deploy software, and apply critical updates to an organization. Active Directory stores its
information and settings in a central database.
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data. It has
been adopted by the U.S. government and is used worldwide. AES is approved by the National
Security Agency (NSA) for top secret information.
Authorization Code
A 6-character code used in conjunction with a Serial Number to validate an installation. Authorization
Codes are good for one use; one successful use causes an authorization code to be changed
automatically. Generating a new authorization code for a serial number does not cause a Nasuni Filer or
NMC that uses that serial number to stop working. The authorization code is only used once during
initial setup of a new or recovered Nasuni Filer or NMC. Because an Authorization Code is only used
once, an administrator can safely issue it to a user in order to install a single Nasuni Filer or NMC
without revealing Nasuni account credentials. To obtain an Authorization code for a Serial Number, visit
https://account.nasuni.com/account/serial_numbers/, or the Account Status page of the Nasuni
Management Console.
Auto Cache
A feature that immediately brings new data into the local cache from other Nasuni Filers that are
attached to a volume. Otherwise, new data is brought into the local cache from other Nasuni Filers
when that data is accessed next.
Nasuni Management Console Guide 7.9
402
B
byte-range locking
Byte-range locking is a form of global file locking that applies to locking a collection of bytes within a
file, rather than the entire file. Certain applications benefit from byte-range locking.
C
cache
A cache is a computer component that stores data locally so that future requests for that data can be
served faster. While all data and metadata are stored in cloud storage, data that requires regular access
is kept locally. This includes files that are re-written and data that is read often. If the requested data
does not reside locally, it is staged into the cache and provided for the request.
Challenge-Handshake Authentication Protocol (CHAP)
A protocol that authenticates a user or network host to an authenticating entity.
CHAP (Challenge-Handshake Authentication Protocol)
See “Challenge-Handshake Authentication Protocol (CHAP)” on page 403.
CIFS (Common Internet File Service)
A standard protocol that allows Windows users to share files across a network.
copy-on-write (COW) disk
The copy-on-write (COW) disk is used during the snapshot process. If any writes to the Nasuni Filer
occur during a snapshot, the previous data from the cache disk is copied to the COW disk, and the new
data is written to the cache disk. Hence, the term “copy-on-write”. This allows new writes to take place
at any time, even during the snapshot process.
D
Direct Attached Storage (DAS)
Direct-attached storage (DAS) is computer storage that is directly attached to one computer or server
and is not, without special support, directly accessible to other ones. The main alternatives to directattached storage are network-attached storage (NAS) and a storage area network (SAN).
directory quota
A limit on the amount of data in a directory. You can configure that quota reports are sent to
administrators or users when directories near or exceed their quota.
Directory Services
Services, including authentication, provided by Active Directory or LDAP.
Nasuni Management Console Guide 7.9
403
Dynamic Host Configuration Protocol (DHCP)
Dynamic Host Configuration Protocol (DHCP) is a network configuration protocol that provides a
network IP address for a host on an IP network automatically.
E
encryption
The Nasuni Filer encrypts data sent to cloud storage using the OpenPGP standard, with AES-256 as
the default encryption.
eviction
Data that has been copied from the Nasuni Filer to cloud storage, and that is rarely used again, is
eventually removed (“evicted”) from the Nasuni Filer’s cache to free up space for new data. If one of
these evicted files is later requested for reads or writes, the Nasuni Filer retrieves the file from cloud
storage and puts it back into the cache automatically.
export
A directory on a server volume that a client on your network can access.
F
file system
A method for storing and organizing computer files and the data that they contain in order to make it
easy to find and access them.
FTP (file transfer protocol)
File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to
another host over a TCP-based network, such as the Internet.
G
GB/GiB
GB is an abbreviation of gigabyte, meaning 1,000,000,000 bytes. Usually used to refer to hard disk
capacity.
GiB is an abbreviation of gibibyte, meaning 230 (1,073,741,824) bytes. Usually used to refer to RAM
memory.
Nasuni Management Console Guide 7.9
404
global file locking
The purpose of the global file locking feature is to prevent conflicts when two or more users attempt to
change the same file on different Nasuni Filers. If you enable the global file locking feature for a
directory and its descendants, any files in that directory or its descendants can only be changed by one
user at a time. Any other users cannot change the same file at the same time.
You can also manually break the locking of a file. This might become necessary if a user leaves a file
open and another user needs to open that file.
I
initiator
An initiator functions as an iSCSI client. An iSCSI initiator sends SCSI commands over an IP network.
instance
The Nasuni Filer is either a hardware appliance or virtual machine. An instance refers to a single virtual
machine that provides virtualization of the Nasuni Filer software.
Internet Small Computer System Interface (iSCSI)
An Internet Protocol (IP)-based storage networking standard for linking data storage facilities. By
carrying SCSI commands over IP networks, iSCSI facilitates transferring data over intranets and
managing storage over long distances. The protocol allows clients (called initiators) to send SCSI
commands (CDBs) to SCSI storage devices (targets) on remote servers. iSCSI is a Storage Area
Network (SAN) protocol.
IQN (iSCSI Qualified Name)
See “iSCSI Qualified Name (IQN)” on page 405.
iSCSI (Internet Small Computer System Interface)
See “Internet Small Computer System Interface (iSCSI)” on page 405.
iSCSI Qualified Name (IQN)
The iSCSI Qualified Name includes these fields:

iqn.

date that the naming authority took ownership of the domain, in yyyy-mm format.

reversed domain name of the authority, such as com.nasuni.

“:” followed by a storage target name specified by the naming authority.
Example: iqn.2008-11.com.nasuni:filer.nasuni.net:51
Nasuni Management Console Guide 7.9
405
K
Kerberos
Kerberos is a network protocol that is used to authenticate users. After a client has correctly
authenticated with a Kerberos server, the client is issued a ticket that allows the client to access the
requested service as long as it is within a Kerberos realm (domain). A Kerberos keytab file contains
encryption keys associated with services (the service principal names) located on servers hosting
Kerberos-enabled protocols.
L
LDAP (Lightweight Directory Access Protocol)
LDAP is a network protocol that is used to identify users. After a user is authenticated with Kerberos
and has a valid ticket, the information from the ticket is used to look up additional details on that user
from a directory server using the LDAP protocol.
M
MB/MiB
MB is an abbreviation of megabyte, meaning 1,000,000 bytes. Usually used to refer to hard disk
capacity.
MiB is an abbreviation of mebibyte, meaning 220 (1,048,576) bytes. Usually used to refer to RAM
memory.
metadata
Data about data. Metadata describes how and when and by whom a particular set of data was
collected, and how the data is formatted.
MIB (management information base)
A database for managing entities in a network, such as with the Simple Network Management Protocol
(SNMP).
MTU (maximum transmission unit)
The maximum transmission unit (MTU) is the size (in bytes) of the largest protocol data unit that the
layer can pass onwards. A larger MTU brings greater efficiency, because each packet carries more user
data while protocol overheads, such as headers, remain fixed; the resulting higher efficiency means a
slight improvement in the bulk protocol throughput. A larger MTU also means processing fewer packets
for the same amount of data. However, large packets can occupy a slow link for some time, causing
greater delays to following packets, and increasing lag and minimum latency. MTU settings should not
exceed 1500.
Nasuni Management Console Guide 7.9
406
N
NAS (Network Attached Storage)
See “Network Attached Storage (NAS)” on page 407.
Nasuni Filer
The Nasuni Filer is a storage controller that runs in your data center and provides primary storage with
built-in backup and offsite protection. The Nasuni Filer is available as both a hardware appliance and a
virtual machine. The Nasuni Filer can be used instead of, or in combination with, traditional file servers.
It fully supports Windows CIFS Shares as well as Active Directory or LDAP Directory Services. A single
volume in a Nasuni Filer has unlimited capacity, due to the integration of its caching algorithms with
provisioning.
Nasuni Filer user interface (UI)
The Web-based user interface to the Nasuni Filer.
Nasuni Management Console (NMC)
The Nasuni Management Console enables you to monitor and manage many Nasuni Filers from one
central application. Using the Nasuni Management Console, you can view the status of all of your
managed Nasuni Filers, as well as configure their settings. With the Nasuni Management Console, you
can ensure consistent settings on all your Nasuni Filers.
Using the Nasuni Management Console, you can manage Nasuni Filers even if they are not presently
connected. Any configuration changes made will propagate to the Nasuni Filer when it becomes
connected.
Nasuni's cloud storage
The secure unlimited online storage provided through the Nasuni Filer.
Network Attached Storage (NAS)
Network-attached storage (NAS) is file-level computer data storage connected to a computer network.
NAS devices are a convenient method of sharing files among multiple computers. NAS systems
typically provide access to files using network file sharing protocols such as NFS, SMB/CIFS, or AFP.
NFS (Network File System)
A protocol and file system for accessing and sharing files across a computer network using UNIX and
Linux.
NMC (Nasuni Management Console)
See “Nasuni Management Console (NMC)” on page 407.
Nasuni Management Console Guide 7.9
407
O
offsite data protection
Storing copies of critical data away from the original data centers to protect this information from
natural disasters and accidental or malicious modification.
on-demand provisioning
The Nasuni Filer simplifies provisioning by offering instant provisioning in increments as small as 1 TB.
P
pinning
Pinning a folder specifies that the folder and its contents must remain in the local cache at all times.
This can improve performance and reduce the time necessary to return accessed data to clients. This
reduces the available cache by the size of the folder. Pinning a folder does not bring the folder’s data
into the cache. All iSCSI (SAN) volume data is already pinned in the cache, so it is not necessary to pin
iSCSI volumes.
proxy
A server that acts as an intermediary for requests from clients seeking resources from other servers.
Q
Quality of Service
Quality of Service (QoS) settings indicate the inbound and outbound bandwidth limits of the Nasuni
Filer for data moving to or from the Nasuni Filer, such as transmitting snapshots to cloud storage.
quota
A limit on the amount of usable storage space on a volume.
S
SAN (Storage Area Network)
See “Storage Area Network (SAN)” on page 409.
Nasuni Management Console Guide 7.9
408
Serial Number
A unique 32-digit hexadecimal number associated with your account for use with Nasuni Filer and
Nasuni Management Console (NMC) installations. Each account has multiple Serial Numbers. Unused
Serial Numbers may be used to set up a new Nasuni Filer or an NMC. Serial Numbers already in use
may be used to recover existing Nasuni Filers or your existing NMC. Serial Numbers are used in
conjunction with Authorization Codes. To obtain a Serial Number, visit https://account.nasuni.com/
account/serial_numbers/.
share
A folder on a volume that can be shared on your network. Access to a share can be customized on a
user or group-level basis.
snapshot
An instantaneous, non-changing, read-only image of a volume. Snapshots let you view any past version
of the file system and restore all or part of the version quickly.
A snapshot is a complete picture of the files and folders in your file system at a specific point in time.
With snapshots, the Nasuni Filer can identify new or changed data. Snapshots offer data protection by
enabling you to recover a file deleted in error or to restore an entire file system. After a snapshot has
been taken and is sent to cloud storage, it is not possible to modify that snapshot.
SNMP (Simple Network Management Protocol)
An Internet-standard protocol for managing devices on IP networks.
Storage Area Network (SAN)
An architecture to attach remote computer storage devices (such as disk arrays, tape libraries, and
optical jukeboxes) to servers in such a way that the devices appear as locally attached to the operating
system.
sync
You can schedule when, and with what frequency, the selected volume updates data (“syncs”) from
Nasuni, merging your local data with any new or changed data from other Nasuni Filers connected to
this volume. This helps to ensure that everyone in your organization is using the most current data.
T
target
A storage resource located on an iSCSI server. A target is a storage server instance.
Nasuni Management Console Guide 7.9
409
V
versioning
The Nasuni Filer provides the versioning necessary to eliminate the need for separate backup and
restore procedures.
virtual machine
A virtual machine is a tightly isolated software container that can run its own operating systems and
applications as if it were a physical computer. A virtual machine behaves exactly like a physical
computer and contains its own virtual (software-based) CPU, RAM, hard disk, and network interface
card (NIC).
virtualization
Virtualization lets you run multiple virtual machines on a single physical machine, sharing the resources
of that single computer across multiple environments. Different virtual machines can run different
operating systems and multiple applications on the same physical computer.
volume
A set of files and directories. A volume can consist of multiple shares. With the Nasuni Filer, each
volume can be stored in cloud storage.
Nasuni Management Console Guide 7.9
410
Index
Index
0-9
123 (port)
Network Time Protocol (NTP) 233, 296
161 (port)
SNMP monitoring 228, 294
25 (port)
SMTP port 293
443 (port) 242
A
access
group 104, 105, 107, 114, 115, 116, 120, 121, 122,
123, 194, 195
Read-Only 115, 116, 122, 123
read-only 93, 95, 97, 103, 113, 148, 149
read-write 115, 116, 122, 123, 148, 149
snapshot 117, 150
snapshot directory 150
user 93, 94, 96, 97, 106, 115, 116, 122
accessible data 44, 45, 53, 55, 56, 261
volume 55
account
name 283
account alerts 353
acknowledging
alert 367
pending updates 266
ACLs 57, 138, 140
action status 41
Nasuni Management Console Guide 7.9
Active Directory 1, 25, 66, 68, 110, 147, 184, 271, 297,
313, 357, 358, 371
Directory Services 403
domain
editing 311, 312
leaving domain 321
password 316, 321
security 271, 297
configuring 297, 313
security mode 297
server 271, 297
domain name 299, 314
time server 233
trusted domains 297, 300, 312, 315
username 316, 321
Active Directory domain
joining 299, 314, 319
leaving 321
name 316, 318, 320
viewing 317
workgroup name 307, 316, 318, 320
active node 269
adding
Domain User 347
encryption key 210, 324
to volume 131
permission group 350, 353
Quality of Service rule 217, 218
quota report schedule 224
user
permission 345, 346
Administration Guide xvii
administrative reports 223, 225, 227
AES-256 208, 322
411
Index
alert
acknowledging 367
CPU usage 280, 281
definition 364
duration 280
email 353
examples of 364
memory usage 280, 281
message panel 39, 41, 365
notification 39, 40, 364
snapshot 280, 281
threshold 280
types of 353
alerts 4
algorithm
encryption key 209, 323
all_squash
UNIX 93, 95, 96, 97
allowed devices 240
allowed GUI hosts 265
allowed SSH hosts 265
Amazon AWS S3 1
Amazon EC2 2
ambient temperature 185, 268
Android 179, 182, 240, 241, 243
limiting mobile access to 241
anonymous bind 304
anonymous FTP access 104, 107
antivirus
alerts 353
scheduling 161
Antivirus Service
editing 162
viewing 161
antivirus violations
deleting 165
ignoring 165
number of 43, 51
reviewing 165
viewing 164
API keys 186
Apple Open Directory 303
Apple OpenDirectory 271
Apple Safari 4
appliance alerts 353
Asynchronous I/O 118
asynchronous replies 93, 95, 96, 98
Atmos 1
auditing 59, 166
file system 166
log file 170
pruning 168
volume 166
Nasuni Management Console Guide 7.9
Authenticated Access 66, 68, 110, 118, 147, 271
authenticating user 114
authentication
LDAP 1, 297
authorization code 29, 285, 375
Auto Cache
cache jobs 253
disabling 129
folder 73, 75, 83, 128
Auto Cache folder
viewing 128
Auto Refresh 366
automatic software updates
Nasuni Filer 188, 278
editing 189
viewing 188
Nasuni Management Console 289
editing 290
viewing 289
scheduling 289
automatic updates 183
AWS
Amazon AWS S3 1
Azure 1
Microsoft 2
B
back-end cloud storage 1
backup 4
before restoring 88
bandwidth 4
bandwidth limit
central configuration 193
base operating system
version 185
battery
RAID
status 268
BIOS
firmware 267
BMC
firmware 267
branding
Web Access 123, 234
breaking
file lock 84, 85
Bring into Cache 80, 81, 253
byte-range locking 84, 214
412
Index
C
cache 4
bringing data into 80
cache jobs 253
editing settings 192
files
viewing 89
folder pinned 54, 58, 81, 136
iSCSI volume pinned 66, 127
percentage used 185
size 268
space
reserved 12, 190
viewing 89
viewing contents 89
viewing settings 191
cache jobs 253
viewing 253
Cache Resident 73, 74, 75
Cache Settings 190
cache settings 183
cancelling
snapshot 63
capacity 44
exceeded
warning 44, 284
Capacity Alerts 353
capacity alerts 353
capacity exceeded
warning 58, 353
carrier 264
signal 264
Case-Sensitive Paths 117
case-sensitivity 117
central configuration
bandwidth limit 193
policies 193
Sync path 193
certificate
file 333
name 330, 332, 334
self-signed 11, 12, 282, 329, 332
SSL 20, 282
enabling 338
generating 332
replacing 336
uploading 334
Certificate Authority 333
certificate request 331, 333
file 333
name 333
Challenge-Handshake Authentication Protocol
CHAP 66
Nasuni Management Console Guide 7.9
changing
iSCSI
setting 127
password
disk encryption 205
quota
volume 10, 141
volume
quota 10, 141
CHAP
Challenge-Handshake Authentication Protocol 66
password 66
username 66
chart
Cloud Traffic 46, 178, 182
Mobile Access usage 179, 182
Chrome 4
CIFS 65, 297, 313
Mac OS X 65
protocol 55, 68, 147, 150, 161, 166, 238
share 55
snapshot access 117
volume 64
CIFS client 254
viewing 254
CIFS clients 177
status 254
CIFS file locks
status 257
CIFS settings
editing 199
viewing 198
CIFS share
creating 111
deleting 124
CIFS shares 51
number of 44
CIFS summary 184
Cleversafe 1
vault 58
client
disconnecting 255, 256
resetting 255, 256
clients
CIFS 177
Mobile Access 177
status 254
cloud provider
volume 58
Cloud Traffic chart 46, 178, 182
Cloud Usage
data 45, 53, 284
completed migrations 177
413
Index
compliance
and snapshot retention 153
compression 1
configuration
central configuration policies 193
conflict alerts 353
connected initiators 177
connecting
to remote volume 68
connecting to remote volume 68
console 355, 382
message 38
resetting certificate 282
console commands 382, 383, 384, 386, 387, 389
console settings 287
copying
SSL certificate information 331
cores
per CPU 267, 269
count
CPU 267
CPUs 267, 269
CPU
cores per 267, 269
count 267, 269
frequency 267, 269
model 267
sockets 267
CPU activity 183
CPU Usage
threshold 280
CPU usage
alert 280, 281
CPUs
number of 185
creating
CIFS share 111
export
automatically 66, 69
FTP directory 102
NFS export 91, 92
password 30, 34, 379
share 110
automatically 66, 69
username 30, 34, 379
volume 64
current time
console 296
Filers 232
custom DNS 25
custom permission
remote access 149
customer license 1
Nasuni Management Console Guide 7.9
D
dashboard 176, 287
data growth 45, 261
Data Growth chart 53
data migration
alerts 353
permission 238
to volume 9, 236
Data Migration Service 190
Data Not Yet Protected chart 52
days
Quality of Service 217
quota report schedule 222
snapshot schedule 155, 162, 188, 287, 289
decommissioned 249
deduplication 1
default gateway 185, 263, 384, 386, 389
deleting
CIFS share 124
encryption key 213, 327
export 99
FTP directory 109
local volume 61
Mobile Access license 244
notification 367
notifications 367
permission
group 354
Quality of Service
rule 220
Quality of Service rule 220
share 124
shared link 274
snapshot 9, 152
SSL certificate 340
user
permission 349
volume 61
Deny 115, 116, 122, 123
description
editing 203
Nasuni Filer 183
Nasuni Management Console
editing 291
Desktop Client 118
details
Nasuni Filer 176
volume 50, 54, 56
devices 264
DHCP 25, 264, 357, 371
network type 25, 371
with Custom DNS 25
DHCP with Custom DNS 25
414
Index
diagnostics 248, 363
sending to Nasuni Support 248, 363
directory
FTP 5, 6, 7, 9, 10, 44, 100, 101, 102, 103, 104, 107,
108, 109
viewing 100
SFTP 5, 6, 7, 9, 10, 44, 100, 101, 102, 103, 104, 107,
108, 109
directory quota
setting 85
Directory Services 86, 112, 117, 143, 145, 307, 403
Active Directory 86, 112, 117, 143, 145, 403
LDAP 86, 112, 117, 143, 145, 403
Provider 271, 272
disabling
Auto Cache 129
encryption key 133
Mobile Access 244
Remote Support Service 247, 362
disaster recovery 65, 203
encryption key 210, 211, 212, 324, 326, 376
file 377
procedure 369
disconnecting
client 255, 256
from remote volume 68
from volume 62
FTP clients 259
remote volume 62
volume 62
disk
status 185, 268
disk cache 185
disk encryption 204
editing 205
enabling 205
password
changing 205
viewing 204
DNS 25
DNS server 263, 384, 386, 389
DNS servers 185
domain
Active Directory
editing 311, 312
LDAP 309
domain controllers
Network Time Protocol services 300, 315
domain groups 343
domain name 299, 314, 316, 321, 332
Active Directory 299, 314
LDAP Directory Services 303
Nasuni Management Console Guide 7.9
Domain User
adding 347
domain users 342, 343, 344
download
files 71
folders 71
downloading
encryption key 325
file 87
Nasuni Management Console software 16
notifications 90, 366, 368
software
Nasuni.com account 369
SSL certificate 339
duplex 264
duration
alert condition 280
E
EC2
Amazon 2
editing
Antivirus Service 162
automatic software updates
Nasuni Filer 189
Nasuni Management Console 290
cache settings 192
CIFS settings 199
disk encryption 205
export 94, 95
File Alert Service 173
folder quota 143, 145
FTP directory 108
FTP settings 202
Mobile Access service 241
Nasuni Filer description 203
Nasuni Management Console description 291
permission group 353
Quality of Service
rule 219
Quality of Service rule 219
quota 142
quota report schedule 226
remote access 148
share 123
snapshot retention 153
snapshot schedules 156
SNMP settings 230, 294
time settings 233
user
password 346
permission 346
415
Index
editnetwork 383, 384, 386, 387, 389, 390, 391
email
address 293
alert 353
configuring 292
disabling 292
enabling 292
Nasuni ii
Nasuni Support ii
server 293
setting 6, 292
testing 293
email alerts 287
EMC 1
EMC Atmos 1
EMC ViPR 1
enabling
disk encryption 205
encryption key 132
Mobile Access 244
mobile access 118
multiple protocols 139
Remote Support Service 247, 362
snapshot directory access 150
SSL certificate 338
Web access 118
encryption
disk encryption 204
encryption key 130, 131, 183, 208, 209, 287, 322, 323
adding 210, 324
adding to volume 131
algorithm 209, 323
creating volume 65
deleting 213, 327
disabling 133
disaster recovery 376
downloading 325
enabling 132
escrowing 212, 326
file 210, 324
disaster recovery 377
fingerprint 131, 132, 209, 323
generating 210, 324
importing 210, 324
key ID 132, 209, 323
length 209, 323
name 209, 323
password 212, 213, 326, 327
sending 211
status 58
uploading 210, 324
username 212, 213, 326, 327
volume 58
Nasuni Management Console Guide 7.9
encryption keys
uploading 6, 64, 130, 208, 322, 377
error
definition 364
escrowing
encryption key 212, 326
with Nasuni 208, 212, 326
ESXi, VMware 16
exhaust temperature 185, 268
expiration
date 44, 283
shared link 119
subscription 283
expires
shared link 273
Explorer 4
export 4
creating 92
automatically 66, 69
deleting 99
editing 94, 95
name 91, 92
read-only 93, 95, 97
extension
file 47
external hostname 119
F
failed migrations 177
416
Index
file
certificate 333
certificate request 333
deleting 152
downloading 71
encryption key 210, 324
file
disaster recovery 377
File Sizes chart 261
File Sizes in Snapshots chart 48
File Types chart 261
File Types Written chart 47
global locking 71, 80, 84, 85
hiding 117
lock
breaking 85
locking 84
name
case-sensitive 117
owner 75
path 75
permission 238
previous version 117
restoring 71, 80
searching 77
searching for 71, 77
size
number 260
File Alert Service 172
editing 173
viewing 172
file heuristics 260
file lock
CIFS 257
file locking 84, 85
breaking 84, 85
byte-range locking 84, 214
file locks
status 257
File Sizes chart 261
file sizes in snapshot 260, 261
File Sizes in Snapshot chart 48
File Sizes in Snapshots chart 48
file statistics 260
file system
auditing 59, 166
file system browser 71
file system check
on reboot
Nasuni Filer 277
file type 47
number 260
file types 47
Nasuni Management Console Guide 7.9
File Types chart 261
file types in snapshot 260, 261
File Types Written chart 47
Filer Administrator
password 32
username 32
Filer version 185
Filers Online 43
files
cache
viewing 89
unprotected 89
viewing
cache 89
filtering
auditing 169
by criteria 91, 101, 110, 144, 164, 243, 257, 259, 394
by date 76
notifications 366
fingerprint
encryption key 131, 132, 209, 323
Firefox 4
firewall 288, 355
firmware
BIOS 267
BMC 267
RAID 268
folder
access 93, 94, 97, 113
Auto Cache 73, 75, 83, 128
downloading 71
global locking 73, 75
hiding 117
name 128, 136
case-sensitive 117
owner 74
path 74
pinning 73, 75
pinning in cache 13, 81, 136
restoring 71, 80, 87
searching 77
searching for 71, 77
forget pages 39
FreeIPA 271, 303
frequency
Antivirus Service scanning 163
CPU 267, 269
snapshot schedule 154, 155, 156
fsck 277
on reboot
Nasuni Filer 277
417
Index
FTP 57, 100, 138, 139
anonymous access 104, 107
settings 201, 202
FTP access 100, 107
FTP clients
disconnecting 259
viewing 258
FTP directory 5, 6, 7, 9, 10, 44, 51, 100, 101, 102, 103,
104, 107, 108, 109
creating 102
deleting 109
editing 108
name 100
status 258
viewing 100
FTP protocol 7, 9, 55, 68, 100, 137, 139, 147, 150, 161,
166, 201
FTP settings 100, 102, 137, 201, 202
editing 202
viewing 201
FTP summary. 185
Full Disk Encryption 204
G
general alerts 353
generating
invitation link for Mobile Access 242
SSL certificate 332
Generic LDAP domain 303
Generic LDAP/Kerberos 271
gidNumber 303
global file locking 71, 80, 84, 85, 214
breaking 84, 85
byte-range locking 84, 214
enabling 84
global file locking, disabling 214
global locking 84, 214
byte-range locking 84, 214
folder 73, 75
GnuPG 210, 324
Google Chrome 4
group
access 104, 105, 107, 114, 115, 116, 120, 121, 122,
123, 194, 195
permission 342, 345, 346, 348, 350, 351, 353, 354
adding 350
deleting 354
editing 353
viewing 342, 350
group associations 343, 350, 351
groups 287
Groups Granting Access 343
Nasuni Management Console Guide 7.9
H
hardware 267
appliance 180, 185, 267, 268
console 282
power supply
status 185, 268
status 267
information
viewing 267
status 267
hardware appliance
high availability 276, 277
power supply
status 269
hardware errors 177
Hardware Getting Started Guide xvi
Help 34, 35
hiding
file 117
folder 117
high availability
hardware appliance 276, 277
high-availability
cores per CPU 269
CPU frequency 269
CPU model 269
CPUs 269
power supplies 269
RAM 269
serial number 269
temperature 269
Home page 42
hostname 26, 93, 94, 97, 185, 263, 359, 372, 384, 386,
389
external 119
HTTP/REST protocol 1
HTTPS Access Points 51
HTTPS proxy 25, 357, 358, 371
server 359
IP address 26, 372
port 26, 359, 372
Hyper-V format 16
Hyper-V, Microsoft 16, 17
hypervisor 15
I
Identity Management for UNIX 297, 313
idle
timeout 328
importing
encryption key 210, 324
418
Index
informational notification
definition 364
Initial Configuration Guide xvi
initial memory allocation 15
initiator IQN 262
initiators
connected 177
iSCSI 177
inlet temperature 185, 268
installing
Nasuni Management Console 14, 24
Installing the Nasuni Filer on the Azure Platform xvi
Installing the Nasuni Filer on the EC2 Platform xvi
Installing the Nasuni Filer on Virtual Platforms xvi
Internet Explorer 4
invitation link for Mobile Access
generating 242
iOS 179, 182, 240, 241
limiting mobile access to 241
IP address 66, 93, 94, 97, 104, 113, 125, 126, 185,
263, 264, 357, 358, 359, 385, 388
Do Not Proxy 26, 372
HTTPS proxy server 26, 372
Nasuni Management Console 19
primary DNS server 25, 357, 358, 371
secondary DNS server 26, 357, 358, 371
static 25, 371
VPN 242
IP address configuration 382
iPad 179, 182, 240, 241, 243
iPhone 179, 182, 240, 241, 243
iPod Touch 243
IQN 262
iSCSI 186
initiator 262
initiators 262
protocol 55
Qualified Name (IQN) 262
security 66, 125, 126
setting
changing 127
shadow copy 186
status 262
target 262
target name 126
viewing 262
volume 262
creating 66
volumes
number of 44
viewing 125
iSCSI initiators 177
iSCSI summary 185
Nasuni Management Console Guide 7.9
iSCSI volumes 51
J
joining
Active Directory domain 299, 314, 319
LDAP Directory Services domain 299
K
KDC 272, 304, 308, 309
Kerberos 298
Key Distribution Center 272, 304, 308, 309
server 271, 272
key
shared link 273
key ID
encryption key 132, 209, 323
key terms 4
keys
uploading 6, 64, 130, 208, 322, 377
keytab 298
file 308
keytab file 310
L
last snapshot 55
LDAP 1, 57, 100, 138, 140, 201, 258, 297
bind DN 304
bind password 304
Directory Services 403
domain 307, 308, 309
security 297
security mode 297
server 271, 272, 297, 303, 308, 309
LDAP Directory Services 7, 9, 11, 54, 66, 67, 68, 69,
110, 118, 147, 184, 255, 271, 297, 343, 344, 347,
350, 352, 407
domain 309
server
domain name 303
LDAP Directory Services domain
joining 299
leaving
Active Directory domain 321
length
encryption key 209, 323
license 44, 393
refreshing 245, 284
licensed capacity 44, 66, 141, 284
exceeding 44, 58, 284, 353
419
Index
licensed data 45, 261
limit
Quality of Service 217
linking
user
permission 348
Linux 243
CIFS 65
mobile access 241
NFS 65
list
remote volume 69
local data 4
lock
breaking 84, 85
locking
byte-range locking 84, 214
file 71, 80, 84, 85
locks
CIFS file 257
disconnecting 257
log file
auditing 170
pruning 168
login 31
password 31
username 31
logo
Web Access 234, 235
Logout 35, 39
LUN size 262
M
MAC address 264, 392
Mac OS X
CIFS 65
maximum capacity 4
Maximum Expiration 119
maximum transmission unit 264
maximum volumes
trial mode 64
Media Access Control address 264
memory 185
memory allocation 15
initial 15
minimum 15
recommended 15
memory usage 183
alert 280, 281
threshold 280
Nasuni Management Console Guide 7.9
message
console 38
Nasuni Filer shutdown 276
panel 39, 40
alert 39, 41, 365
test 293
messages
notifications 4, 364
metadata 4, 12, 253
Microsoft Azure 1, 2
Microsoft Hyper-V 16, 17
migration
completed
number of 45
failed
number of 45
running
number of 45
scheduled
number of 45
schedules
viewing 239
sources
viewing 238
viewing 236
migration schedules 184
migration sources 184
migrations 184
completed 177
failed 177
running 177
scheduled 177
minimum memory allocation 15
Mobile Access 184, 243
additional port 241
API port 240
device 240, 243
disabling 244
enabling 244
license
deleting 244
licenses
viewing settings 243
limiting device type 241
limiting time 241
limiting to one device 241
Nasuni Application 244
service
editing settings 241
viewing settings 240
mobile access
enabling 118
limiting device type 241
420
Index
Mobile Access clients 177
Mobile Access licenses 184
Mobile Access usage
chart 179, 182
monitoring
SNMP
Nasuni Management Console 228, 294
Mozilla Firefox 4
MTU 264, 384, 386, 388
multiple protocols 137
enabling 139
viewing 137
N
name
account 283
Active Directory domain 316, 318, 320
certificate 330, 332, 334
certificate request 333
encryption key 209, 323
export 91, 92
folder 128, 136
FTP directory 100
Nasuni Filer 180
changing 203, 291
port 264
share 112
volume 54, 57, 65, 68, 91, 100, 110, 125, 131, 134,
135, 138, 141, 142, 144, 147, 150, 152, 155,
158, 161, 164, 166, 172
setting 65
Windows workgroup 300, 315
Nasuni Application
Mobile Access 244
Nasuni Desktop Client 118
Nasuni Filer 4
automatic software updates 188
details 176
managed
number of 44
name 180
changing 203, 291
online 177
platform 180
software
updating 279
software updates 177
number of 43
unmanaged
number of 44
Nasuni Filer description 183
Nasuni Filer user interface 4
Nasuni Management Console Guide 7.9
Nasuni Filers managed
number of 176
Nasuni Filers unmanaged
number of 176
Nasuni Management Console 2, 4
disabling 3
enabling 3
installing 24
Nasuni Management Console Guide xvii
Nasuni Management Console Quick Start Guide xvii
Nasuni.com account
downloading software 369
remote access 147
native users 342, 344
netmask 25, 93, 94, 97, 113, 264, 357, 371, 384, 385,
388
network
configuration
password 338
username 338
settings 263
viewing 263
type 264
DHCP 25, 371
static 25, 371
Network Time Protocol
NTP 25, 357, 358, 371
port 123 233, 296
services from domain controllers 300, 315
network type
static 25, 357
NFS 65, 297, 313
export 55
protocol 55, 68, 147, 150, 161, 166, 238
volume 64
NFS export
number of 44
viewing 91
NFS exports 51
NFS summary. 184
NFSv4 57, 91, 138, 140
NFSv4 ACL 57, 138, 140
NFSv4 protocol 57, 91, 138, 140
NMC
Nasuni Management Console 4
NMC Administrators 342
no_root_squash
UNIX 93, 94, 96, 97
node
active 269
standby 269
421
Index
notification 365
alert 364
deleting 367
near quota 66, 141
sorting
by date 366
by severity 366
by text 366
types of 364
notifications
deleting 367
downloading 90, 366, 368
filtering 366
number of 43
viewing 365
Notifications page 6
NTFS 57, 138, 139
NTP
Network Time Protocol 25, 357, 358, 371
time server 25, 357, 358, 371
NTP servers 232
O
online
Nasuni Filer 177
OpenPGP 208, 210, 322, 324, 404
operating system
version 185
OS X 243
mobile access 241
OS X client 200
OS7 15
outbound bandwidth 218
overwriting
during restore 88
OVF format 16
P
passcode 186
Nasuni Management Console Guide 7.9
password 32
Active Directory 316, 321
automatic software updates
Nasuni Filer 279
changing 35, 38
CHAP 66
creating 30, 34, 379
disk encryption
changing 205
encryption key 212, 213, 326, 327
Filer Administrator 32
login 31
Nasuni Filer shutdown 276
network
configuration 338
power 37
shared link 273
software updates
Nasuni Management Console 360, 363
strength 30, 38, 346, 379
user 346
editing 346
volume
deleting 61, 62, 124
pausing
Side Load 251
pending updates
acknowledging 266
viewing 266
performance tuning 93, 95, 96, 98
permission
custom
remote access 149
for data migration 238
group 342, 345, 346, 348, 350, 351, 354
default 342
viewing 342, 350
remote access 148
remote volume 54, 147
user 342, 345, 346, 348, 349, 350
adding 345, 346
deleting 349
editing 346
linking 348
permission group 350, 351, 353, 354
adding 350, 353
deleting 354
editing 353
permissions 395, 397
PGP 210, 324
physical port 264
422
Index
pinning
folder 73, 75
folder in cache 13, 54, 58, 81, 136
iSCSI volume in cache 66, 127
viewing 136
platform 185, 267
Nasuni Filer 180
platform information
viewing 267
policy 265
port
123
Network Time Protocol (NTP) 233, 296
161
SNMP monitoring 228, 294
25
SMTP port 293
HTTPS proxy
server 26, 359, 372
name 264
port 443 242
POSIX 57, 138, 140, 199
POSIX ACL 57, 138, 140
POSIX client 200
power 35, 37
password 37
username 37, 279
power option 37
power supply
status 185, 268, 269
power supply problems
number of 43
power window 37
powering down 37
Preview 15
previous version
file 117
primary DNS 25, 357, 358, 371
primary DNS server
IP address 25, 357, 358, 371
privacy policy 34, 35
private cloud
data 45, 53, 284
protocol 91, 101, 110, 258
FTP 7, 9, 100, 137, 139, 147, 150, 161, 166, 201
SFTP 7, 9, 100, 137, 139
SMB 199
SMB2 199
SMB3 199
SMBv2 199
SMBv3 199
volume 55, 57, 68, 147, 150, 161, 166, 238
Nasuni Management Console Guide 7.9
protocols
multiple 137
volume 137
Provider
Directory Services 271, 272
proxy 288
proxy server 288
HTTPS 359
Publicly Available 68, 110, 147, 184, 271
security mode 271
Q
QoS
Quality of Service 216
Quality of Service 184, 217, 219, 220
days 217
limit 217
rule
adding 217, 218
deleting 220
editing 219
scheduling 216
time 217
viewing 217
quota 71
directory 85
editing 142
folder
editing 143, 145
viewing 142
notification near 66, 141
rule
viewing 144
threshold 221, 222, 223, 224, 225, 226, 227
viewing 141
volume
setting 10, 66, 141
quota limit 86, 144, 145
quota report 85
administrative reports 223, 225, 227
schedule 221, 224, 226, 227
adding 224
days 222
editing 226
time 222
viewing 222
scheduling 222
sending manually 223
threshold 222
types 222
user reports 223, 225, 227
quota reports 353
423
Index
R
RAID
firmware 268
status 185, 268
RAID battery
status 268
RAM 268
Read/Write 54, 147
Read-Only 54, 147
Read-Only access 115, 116, 122, 123
read-only access 93, 95, 97, 103, 113, 148, 149
read-write access 115, 116, 122, 123, 148, 149
rebooting
after automatic software updates
Nasuni Filer 278
after software updates
Nasuni Management Console 360
Nasuni Filer 275, 276, 277
with file system check 277
with fsck 277
Nasuni Management Console 37, 38, 360, 379
recommended memory allocation 15
refreshing
subscription license 245
refreshing subscription license 284
region 58, 65, 232, 296
Release Notes
viewing 36, 360
remember pages 39
Remote Access 50, 51
remote access 54, 68, 147
Antivirus Service scanning frequency 163
connecting
to volume 68
disconnecting
volume 62
editing 148
maximum group size 284
maximum volumes 284
Nasuni.com account 147
permission 148
custom 149
snapshot frequency 156
status 59
viewing 147
Remote Support 177, 184, 288
Remote Support Service 246, 362
disabling 247, 362
enabling 247, 362
viewing settings 246
Nasuni Management Console Guide 7.9
remote volume
connecting to 68
disconnecting from 68
list 69
maximum number 284
removing alert from Home page 367
renaming
volume 134
replacing
SSL certificate 336
requirements
virtual machine 14
resetting
CIFS authentication cache 255
client 255, 256
resetting certificate
console 282
restoring
backup before 88
file 71, 80
folder 71, 80, 87
folder from snapshot 87
restoring file or folder
snapshot 87, 88
retention
snapshot 59, 130, 152, 153, 208, 322
reviewing
antivirus violations 165
RFC 2307 297, 313
RFC2307 304
RFC2307bis 304
role-based access control 342
root_squash
UNIX 93, 94, 96, 97
running migrations 177
S
S3
Amazon AWS S3 1
Safari 4
saving
SSL certificate 339, 341
schedule
snapshot 9, 59, 154, 156
sync 59
scheduled migrations 177
424
Index
scheduling
antivirus 161
automatic software updates 289
Quality of Service 216
quota report 222
snapshot 9, 154, 156
sync 157
search
for files 71
for folders 71
pages 39
text box 39
search domain 263, 384, 386, 389
search domains 185
searching
file and folder for restore 77
snapshot 77
searching for
file 77
folder 77
secondary DNS 26, 357, 358, 371
secondary DNS server
IP address 26, 357, 358, 371
security
Active Directory 271, 297
configuring 297, 313
iSCSI 66, 125, 126
LDAP 297
security mode 54, 68, 110, 147, 184, 271
Active Directory 297, 313
LDAP 297
Publicly Available 271
security setting 208, 322
security settings 271
viewing 271
self-signed certificate 11, 12, 282, 329, 332
send diagnostics
username 363
sending encryption key 211
serial number 29, 183, 283, 285, 375
server
Active Directory 271, 297
LDAP 297
Service Level Agreement 34, 35
session expiration 240
session timeout 328
setaddr 388
setall 385
setsystem 388
Nasuni Management Console Guide 7.9
setting
name
volume 65
volume
name 65
setting sync errors
number of 43, 52, 178
settings
FTP 201, 202
setup wizard 370
SFTP 1, 57, 138, 139
SFTP access 100, 107
SFTP directory 5, 6, 7, 9, 10, 44, 100, 101, 102, 103,
104, 107, 108, 109
SFTP protocol 7, 9, 100, 137, 139
SFTP settings 100, 102, 137, 201, 202
shadow copy
iSCSI 186
share 4
access 113
creating 110
automatically 66, 69
deleting 124
editing 123
name 112
read-only 113
visible 112
volume and 4
shared directory 110, 131, 209, 291, 323
shared link 119, 273
deleting 274
expiration 119
expires 273
key 273
password 273
status 273
viewing 273
shutdown
Nasuni Filer 275
message 276
password 276
username 276
Nasuni Management Console 37, 38
Side Load 249, 251
pausing 251
signature type 330
size
cache 268
SMB 199, 297, 313
SMB protocol 199
SMB2 199
SMB2 protocol 199
SMB3 protocol 199
425
Index
SMBv2 protocol 199
SMBv3 protocol 199
SMTP
port 25 293
SMTP server 293
snapshot
access 59, 117
alert 280, 281
and Quality of Service 216
and quota 10, 66, 141
before disconnecting from remote volume 62
before Nasuni Filer shutdown 275, 276
cancelling
63
definition 4
deleting 9, 152
detail 12, 154, 216
directory access
enabling 150
enabling directory access 150
file sizes in 47, 48, 260, 261
file types in 47, 48, 260, 261
frequency 156
restoring file or folder 87, 88
restoring folder and file 87
retention 59, 130, 152, 153, 208, 322
schedule 9, 59, 154, 156
scheduling 9, 154, 156
searching 77
searching for file 77
taking 55
snapshot access 117, 150
Snapshot Directory Access 59, 117
snapshot directory access 150
viewing 150
snapshot restore alerts 353
snapshot retention 152
and compliance 153
editing 153
viewing 152
snapshot retention policy 9, 152
snapshot schedule 154
days 155, 162, 188, 287, 289
frequency 155
time 155, 162, 188, 287, 289
snapshot schedules
editing 156
viewing 154
Nasuni Management Console Guide 7.9
SNMP
monitoring
Nasuni Filer 228
Nasuni Management Console 228, 287, 294
Nasuni Filer
editing settings 230
viewing settings 229
Nasuni Management Console
editing settings 294
port 161 228, 294
settings
Nasuni Filer 184
trap 229, 231
v3 229
sockets
CPU 267
software
version 185
software update
username 360
software updates 184, 288, 353
automatic
Nasuni Filer 188
viewing 278
Nasuni Management Console 289
manual
Nasuni Filer 279
Nasuni Management Console 360
Nasuni Filer
number of 43
Nasuni Management Console 360
number of 43
scheduling 289
sorting lists 41
speed
port 264
SSH 265
SSL 293
SSL certificate 20, 184, 282, 287
deleting 340
downloading 339
enabling 338
generating 332
replacing 336
saving 339, 341
uploading 334
SSL certificate information
copying 331
viewing 282, 329
SSL certificates 282, 329
standby node 269
static 264
network type 25, 357, 371
426
Index
static IP address 384
status
CIFS clients 254
CIFS file locks 257
disk 185, 268
encryption key 58
FTP directory 258
hardware
appliance 267
iSCSI 262
power supply 185, 268, 269
RAID 185, 268
RAID battery 268
remote access 59
shared link 273
Storage Access 343, 344, 352
storage controller 4
subnet mask 264
subscription
expiration date 283
subscription license 44
refreshing 245, 284
subscription mode 283
super user 395
superuser 93, 94, 96, 97
sync
schedule 59
scheduling 157
volume 157
Sync path
central configuration 193
time 296
editing settings 233
Quality of Service 217
quota report schedule 222
snapshot schedule 155, 162, 188, 287, 289
viewing settings 232
time configuration 184, 232, 296
time server 232, 287, 296
Active Directory 233
time.nasuni.com 233, 296
time services
from domain controllers 300, 315
time settings 296
time zone 35, 232, 287, 296
selecting 40
time.nasuni.com
time server 233, 296
timeout
idle 328
session 328
TLS security 293
traffic group 264, 265
trap
SNMP 229, 231
trial license 44
trial mode
maximum volumes 64
trusted domains
Active Directory 297, 300, 312, 315
U
T
take snapshot 62
taking snapshot 55
target IQN 262
target name
iSCSI 126
target volume 262
temperature 185, 268
terms of service 34, 35
test
message 293
Test Email Recipient 293
testing email 293
text conventions xv
Third-Party Licensing Guide xvii
threshold
alert 280
CPU Usage 280
memory usage 280
quota 221, 222, 223, 224, 225, 226, 227
Nasuni Management Console Guide 7.9
uidNumber 303
Unified Storage Access Points 51
UNIX 57, 138, 139, 297, 313
all_squash 93, 95, 96, 97
CIFS 65
NFS 65
no_root_squash 93, 94, 96, 97
root_squash 93, 94, 96, 97
UNIX client 65
unmanaged Nasuni Filers 176
unprotected files 89
updates
Nasuni Filer
password 279
Nasuni Filer software 177
Nasuni Management Console
password 360, 363
scheduling 289
427
Index
updating
Nasuni Filer software 279
software
Nasuni Management Console 360
uploading
encryption key 210, 324
encryption keys 6, 64, 130, 208, 322, 377
SSL certificate 334
uptime 184
usage metrics 260
user
access 93, 94, 96, 97, 106, 115, 116, 122
authenticating 114
domain 343
native 342
password 346
editing 346
permission 342, 345, 346, 348, 349, 350
adding 345, 346
deleting 349
editing 346
linking 348
viewing 344
User Folders Support 117
and directory quota 86, 143, 145
user reports 223, 225, 227
username 32
Active Directory 316, 321
CHAP 66
creating 30, 34, 379
encryption key 212, 213, 326, 327
Filer Administrator 32
for Nasuni Filer shutdown 276
for power 37, 279
for send diagnostics 363
for software update 360
login 31
network
configuration 338
viewing 35
volume
deleting 61, 62, 124
users 287
Using Multiple Protocols xvii
version
and snapshot 9, 154
base operating system 185
file 117
Filer 185
Nasuni Filer software 185
Release Notes 36
software
Nasuni Filer 185
V
vault
Cleversafe 58
Nasuni Management Console Guide 7.9
428
Index
viewing
Active Directory domain 317
Antivirus Service 161
antivirus violations 164
Auto Cache folder 128
automatic software updates
Nasuni Filer 188, 278
Nasuni Management Console 289
cache 89
cache jobs 253
cache settings 191
CIFS client 254
CIFS settings 198
directory
FTP 100
File Alert Service 172
files
cache 89
folder quota 142
FTP clients 258
FTP directory 100
FTP settings 201
hardware and platform information 267
iSCSI 262
volumes 125
migration schedules 239
migration sources 238
migrations 236
Mobile Access licenses 243
Mobile Access service 240
multiple protocols 137
network settings 263
NFS export 91
notifications 365
pending updates 266
permission
group 342
permission group 350
pinning 136
Quality of Service 217
quota 141
quota report schedule 222
quota rule 144
Release Notes 36, 360
remote access 147
Remote Support Service 246
security settings 271
shared link 273
snapshot directory access 150
snapshot retention 152
snapshot schedules 154
SNMP settings
Nasuni Filer 229
Nasuni Management Console Guide 7.9
SSL certificate information 282, 329
time settings 232
user 344
username 35
violation alerts 353
ViPR 1
virtual machine 180
requirements 14
virtual machine platform 15
virtual platform 267
VM 15
VMware ESXi 16
429
Index
volume
accessible data 55
auditing for 166
browsing 72
CIFS 64
cloud provider 58
creating 64
CIFS share 110
creating NFS export 91
data migration to 9, 236
definition 4
deleting 61
password 61, 62, 124
username 61, 62, 124
details 50, 54, 56
disconnecting 62
enabling
snapshot directory access 151
encryption key 58
export
creating 66, 69
maximum number 283
name 54, 57, 65, 68, 91, 100, 110, 125, 131, 134,
135, 138, 141, 142, 144, 147, 150, 152, 155,
158, 161, 164, 166, 172
setting 65
NFS 64
protocol 55, 57, 68, 147, 150, 161, 166, 238
CIFS 65
iSCSI 65
NFS 65
protocols 137
quota 66
setting 10, 66, 141
renaming 134
restoring folder 87
share 4
creating 66, 69
snapshot
cancelling 63
taking 62
sync 157
volume protocols 137, 139
volume size 125
volumes managed
number of 44, 50
VPN
IP address and 242
VSS 186
VSS Hardware Provider 186
Nasuni Management Console Guide 7.9
W
warning
capacity exceeded 44, 58, 284, 353
definition 364
Web Access 15, 273
branding 123, 234
logo 234, 235
settings 119
shared link 119
Web access
enabling 118
Web browsers 4
wildcard “%U” 112, 117
Windows 243
mobile access 241
snapshot access 117
Windows client 65
Windows Previous Versions 1, 117
Windows workgroup
name 300, 315
wizard
setup 370
workgroup name
Active Directory domain 307, 316, 318, 320
430

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz