Judsonian.com

NetApp Insight 2023 – Event Rundown and Tech Updates

Before I start rattling off some tech updates to come out of NetApp Insight 2023 I wanted to start by rambling about the event in general. On the off chance someone who’s actually in charge of the event will swing by here. I know a lot of my colleagues will swing by here, and a lot will be on the same page. First and foremost, after being remote for several years, Insight back in person was fantastic. I got to meet friends and colleagues I haven’t seen in ages, and meet new folks I would’ve never spoken to otherwise. Everyone[…]

Read more

ONTAP Temperature Sensitive Storage Efficiency (TSSE) – A Simple Introduction

I wanted to take a few minutes (famous last words before this becomes essay length) about Temperature Sensitive Storage Efficiency (TSSE) available on NetApp ONTAP platforms. It’s a fairly straightforward concept, but enhancements and the release of NetApp’s new AFF C line have injected a bit of confusion. Hopefully this helps clear things up, or at least points you in the right direction. What is TSSE? A core component of ONTAP is a series of built in storage efficiencies, including deduplication, compression, and compaction. Through in-line processes data that is written to an AFF ONTAP platform is reduced before being[…]

Read more

NetApp ONTAP – Setting up Multi-Admin Verification via CLI and System Manager

Okay, so maybe hiring that guy who looks like Snidely Whiplash was a poor choice. Starting with ONTAP 9.11.1 you can enable further secure ONTAP by setting up multi-admin verification, or MAV for short. MAV can prevent system administrators from taking certain data disruptive actions without getting approval from at least one other administrator. How it Works MAV works by creating a rule set of commands or GUI operations that require multiple users to approve before it can be executed. Alongside are administrator groups which can provide authentication for those actions. When an action is triggered that’s a part of[…]

Read more

NetApp ONTAP – Whitelist and Blacklist Extensions with FPolicy via CLI, API, and System Manager

Within NetApp’s ONTAP software there’s the ability to monitor NAS actions via functionality called FPolicy. It’s essentially a notification framework that’s built around the logging and notification of actions against SMB/CIFS and NFS shares. The real power of FPolicy comes to light when you partner it with an off-system engine like Varonis or Cloud Secure, opening the door to all kinds of smart security controls. Native on-system FPolicy functionality is comparatively limited. While the framework is active and feeds info back into the other areas like logging, it lacks the majority of feature rich components an off-system partner provides. One[…]

Read more

AWS and VMware Cloud go live with FSx NetApp ONTAP datastores – An introduction and guide

Recently, at VMworld Explore, VMware and AWS announced general availability of the much-anticipated integration of AWS’ FSx NetApp ONTAP NFS shares for use in their VMware Cloud virtualization stack. This article will cover the benefits and considerations so you can see whether it fits with your cloud journey. I tried to create a title for this post that wasn’t incredibly long, without using a metric ton of acronyms. Forewarning this post is going to be acronym heavy, even more so as usual, since we’re combining technical concepts across three acronym pushing tech companies. TL;DR VMware’s stack in AWS, VMC, now[…]

Read more

NetApp Cloud Volumes ONTAP – Understanding Offerings, Licensing, Pricing, and More

The sky above the port was the color of television, tuned to a dead channel. “All these different licensing tiers are confusing,” Judsonian heard someone say, as he shouldered his way through the crowd around the door of NetApp. “It’s like someone took a simple concept and set the difficulty to 11.” It was a Cloud voice and a Cloud joke. Simply put, NetApp’s Cloud Volumes ONTAP (CVO) is a simple great product. The licensing around it, well, that’s a lot more cumbersome. CVO – What is it? How is it licensed? CVO is NetApp’s ONTAP software running in AWS,[…]

Read more

NetApp StorageGRID – Understanding Erasure Coding and Information Lifecycle Management

Erasure Coding (EC) and Information Lifecycle Management (ILM) aren’t unique to StorageGRID. They’re ubiquitous to the object storage landscape, underpinning concepts like RAID and compression. Yet if you’re unfamiliar with the architecture these concepts might be confusing at first glance. The hope with this post is to cover these concepts, not only in direct relation to StorageGRID, but in a way that can apply globally. A Quick Intro to Object Storage Objects are a data storage methodology going back several decades. The general idea is instead of creating and maintaining a hierarchical file system the file/chunk of data/block is packaged[…]

Read more

Intro to Autonomous Ransomware Detection and Mitigation in ONTAP 9.10.1 and Later

With the release of ONTAP 9.10.1 comes a new feature built into ONTAP, anti-ransomware detection. What it Does One of the concerns of a ransomware attack is the lack of visibility, which directly impacts response time. If ransomware kicks off overnight, or over the weekend it could be hour or days before anyone knows what happens. For archive environments it could be even longer with disastrous consequences. Anti-ransomware detection in ONTAP is built on file system analytics and uses “machine learning” to detect possible ransomware attacks on NAS. The first thing it’s looking for is whether the incoming data is[…]

Read more

NetApp ONTAP – Protecting Against Ransomware

First off, this post is thanks to my mate Charles. He wrote most of this up for his customers and I asked if I could snag it, throw my spin on it, and share it here. A lot of this comes from TR-4569, Security Hardening for ONTAP. That should be your go-to source for security on ONTAP. There’s also TR-4572, The NetApp Solution for Ransomware, which is sadly light on details and out of date. There’s also a pretty nifty video from Insight 2020 that covers a lot (I’ll even reference it later). This post is more ransomware concern forward.[…]

Read more

Amazon FSx for NetApp ONTAP – A Brief-ish Overview

Who is your daddy and what does he do? What is it? Amazon FSx is AWS’s managed services for filesystems. Basically if you want Windows File Server or Lustre out of the box – aka don’t want to manually setup and support those in your environment – you can use FSx to deploy an AWS managed environment. FSx NetApp ONTAP, FSx for ONTAP, FSx ONTAP, or FSxO (pick your preferred name out of a hat) is the same. It allows AWS users to provision NetApp’s ONTAP environment as a service managed directly by AWS. Dec 10 Update – The internal[…]

Read more