Dell EqualLogic PS6210E EqualLogic Group Manager Administrator s Guide PS Seri - Page 115
About Snapshot Access Controls, About Multihost Snapshot Access
View all Dell EqualLogic PS6210E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 115 highlights
About Snapshot Access Controls Online snapshots are seen on the network as iSCSI targets. It is important to protect your snapshots from unauthorized and uncoordinated access by iSCSI initiators. NOTE: When a snapshot is online and accessible, a user or application can change the contents of the snapshot. If the content changes, the snapshot no longer represents a point-in-time copy of a volume and has limited use for data recovery. All iSCSI target security mechanisms apply to snapshots, including access control policies, which prevent unauthorized iSCSI initiator access to a volume and its snapshots. About Multihost Snapshot Access In a shared storage environment, you must control computer access to iSCSI targets (volumes and snapshots), because multiple computers writing to a target in an uncoordinated manner can result in volume corruption. You can allow or disallow multihost (shared) access to a snapshot. If you disallow multihost access to a snapshot, only one iSCSI qualified name (IQN) can connect to the snapshot at one time. However, if you have a certain environment, you might want to allow multihost access to a snapshot. See About Multihost Access to Targets. NOTE: To disable multihost access to a snapshot, first disconnect all initiators from the snapshot except one. If multiple initiators have connections when you try to disable multihost access, the operation fails unless the initiators have the same IQN. Allow or Disallow Multihost Snapshot Access To enable or disable multihost access to a snapshot: 1. Click Volumes. 2. Expand Volumes and then expand the volume name. 3. Select the snapshot timestamp. 4. In the Activities panel, click Set access type to open the Set Access Type dialog box. 5. To allow multiple initiators to access the target, select the Allow simultaneous connections from initiators with different IQNs checkbox. (By default, this checkbox is not selected.) 6. Click OK. About NAS Container Security You control access to your NAS containers through volume-level and group-level security. Windows and UNIX operating systems use different mechanisms for user identification, authentication, and resource access control. The file security style controls the type of operations that are permitted in the NAS container. When you create a NAS container, the NAS cluster applies the NAS clusterwide default file security style. When a file or directory is created, the default NAS container security style, which controls the permissions and ownership, is applied. You can modify a NAS container to change the file security style. The modification will affect only those files and directories that are created after the modification. A NAS cluster supports the following security styles: • UNIX - Controls file access using UNIX permissions in all protocols. A client can change a permission only by using the chmod and chown commands on the NFS mount point. You can specify UNIX permissions for files and directories created in the NAS container by Windows clients. About Volume-Level Security 115