Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NetApp security

Status
Not open for further replies.
peterve

peterve

IS-IT--Management
Mar 19, 2000
1,348
NL
Hi,

I would like to set up my NetApp FAS 270 and the servers that connect to it (iSCSI) to
- use IPSec between servers and FAS
- use CHAP authentication (mutual if possible)

additionally, I don't want to use rsh, but I still want to be able to execute snapshots or mount LUN's by using scripts on the server (not on the FAS)

Is this possible ?
Some guy told me that NetApp has never set up the IPSec/CHAP piece before... but since these 2 things are part of the OS, I find that hard to believe...
Has anyone done this before ?

--------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
 
Sort by date Sort by votes
Have you looked at SnapDrive for this functionality? I believe this is what it was designed for...
 
Upvote 0 Downvote
ok, but what about CHAP and IPSec ?

--------------------------------------------------------------------
How can I believe in God when just last week I got my tongue caught in the roller of an electric typewriter?
---------------------------------------------------------------------
 
Upvote 0 Downvote
I really don't think Netapp wouldn't have looked into the IPSEC and CHAP, as they own Decru Datafort which is a storage security appliance builder ,specialised in encryption and so on (

rgds,

R.
 
Upvote 0 Downvote
1. You might want to read the Block access management guide for iSCSI for details on setting up the iSCSI initator and what authentication settings to use. You'll also find specific examples of using CHAP authentication for the iSCSI initiator in the Snapdrive 3.2 installation and administration guide.

2. For RSH, I believe you are referring to scripting certain SnapVault commands. SSH also works. For filer based commands, you can still use FilerView or DFM as well. DFM can use either RSH or SSH.

3. Sanpdrive is the component installed on the host that provides out of band management of LUNs to include the operations you specified. If you do not wish to perform these operations from the host or the filer, you can perform them using SDCLI from a dedicated management console.

4. NetApp does own Decru.





 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jayziaee
  • Locked
  • Question
netapp robocopy issue
Replies
0
Views
59
jayziaee
jayziaee
cdtech9198
  • Locked
  • Question
utility to migrate Windows boot from SAN from NetAPP to VMax
Replies
0
Views
61
cdtech9198
cdtech9198
enzo288
  • Locked
  • Question
SRM for NetApp and Dell EqualLogic
Replies
1
Views
70
mrdenny
mrdenny
trmg
  • Locked
  • Question
Newbie: NetApp FAS920C Filer and DS14MK2 Shelves
Replies
10
Views
107
RMGBELGIUM
RMGBELGIUM
chud67
  • Locked
  • Question
How to evaluate a NetApp server?
Replies
5
Views
86
RMGBELGIUM
RMGBELGIUM

Part and Inventory Search

Sponsor

Back
Top