Hey all, One of the engineering projects we have been working on is building a E-Series collector for CI that uses E-Series' REST API. This should be easier for us to implement enhancements in the future, but also allow easier troubleshooting for y'all in the field as TLS+HTTP is more easily understood versus the legacy API. We are going to ship this in a few weeks, but I could patch a CI tenant to expose this new collector option today, if you would like. This will result in a new E-Series REST collector tile option for collector creation. From a functionality standpoint, the REST collector currently is ~105% of what you are accustomed to with the existing legacy API option - we have added a few minor enhancements like populating the "isEncrypted" boolean value as appropriate, and node utilization % as a performance counter is available. Questions you may have: How do I get it early? I want to be in with the in-crowd! PM me here, or email ostiguy at netapp dot com, with your CI tenant URI. How do I migrate to it? Ensure you have a CI AU with HTTPS connectivity to the E-Series array. Create a new E-Series REST collector, and once it is successful, you can then remove the legacy collector Will I lose history if I follow the migration plan above? Nope What is required? Monitor/read only level credentials, and HTTPS connectivity to the array from a CI Acquisition Unit hosting the collector. You can populate the IP/hostname field with a comma delimited string - the collector ONLY needs to speak to one controller in the array, but if you populate this field with a comma delimited string, CI should intelligently attempt to speak to the second controller IF for whatever reason the first is inaccessible. Populating this field with only one IP/simple hostname/FQDN is also technically possible, but probably not a best practice for resiliency. Is the off-array installable E-Series REST API deployment supported? No - we are only targeting E-Series arrays with native REST API capabilities. We'd recommend continuing to use the legacy collector for any older arrays lacking native REST API capabilities. Matt
... View more
Hey all, Wherever you are in the world, if you are a Cloud Insights user, you will no longer see the "Preview" label on our Brocade / Broadcom FOS REST collector thanks to deployments earlier this week. In the past quarter, we have been refining and enhancing our approach, and we think this collector is ready for general usage. There are a few aspects to consider: FOS introduced their REST API with FOS 8.2. But some features like routing only received REST API capabilities with 9.0 = if you are a Brocade routing shop, if you are NOT yet on 9, you probably want to wait to switch to REST If you have a fabric consisting of mixed FOS assets 8.2 higher, but with some < 8.2, your CI FOS REST collector WILL fail to discover those older assets. You can edit your FOS REST collector, and build a comma delimited list of the IPv4 address of those devices for exclusion from that collector = this will stop this collector from reporting "Partial Success...." Your strategy for discovering earlier assets should be our Brocade CLI+SNMP based collector. We general expect that CI users will find this collector much easier to deploy - the historical Brocade CLI+SNMP collector requires both an appropriate user account AND correct SNMP configuration for both inventory and performance collection success - the FOS REST collector is purely REST API based. Finally, this collector is also doing something I find pretty cool - to continue the theme of improving usability, we are dynamically attempting to speak to each switch with both HTTP and HTTPS as Brocade FOS devices only want to speak one of those - if your switch has a digital certificate installed, it blocks HTTP data flow via REST. If your switch does not have a digital certificate installed, TCP port 443 has nothing listening, such that inbound requests from CI result in a TCP timeout. So, this collector has some options to change protocol from HTTPS to HTTP much like many of our collector types, but that simply changes the order in what we attempt first - we will try the other in the first fails before presenting any errors. So, all things considered, I am very optimistic folks will find our FOS REST collector much easier to deploy and maintain. Matt
... View more
I originally had Data Collectors setup in Cloud Insights using cluster admin credentials. I just followed the steps at https://docs.netapp.com/us-en/cloudinsights/task_add_collector_svm.html#a-note-about-permissions in the "Permissions when adding via Cluster Management IP:" section and the cmddirs in the role that was created all match and the ssh and ontapi access were granted, but when I switched the credentials in the collector to this new account the collectors fail and I get this when I test the connection "Configuration: Failed to execute test command on device - NetApp ONTAP zapi communication failed: cluster-identity-get failed: Insufficient privileges: user 'csuser' does not have read access to this resource." Oriole::> security login role show -vserver Oriole -role csrole
Role Command/ Access
Vserver Name Directory Query Level
---------- ------------- --------- ----------------------------------- --------
Oriole csrole DEFAULT none
event catalog all
event filter all
event notification all
event notification destination all
network interface readonly
security certificate all
version readonly
volume readonly
volume snapshot -snapshot cloudsecure_* all
vserver readonly
vserver fpolicy all
12 entries were displayed. Oriole::> security login show -role csrole
Vserver: Oriole
Second
User/Group Authentication Acct Authentication
Name Application Method Role Name Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
csuser ontapi password csrole no none
csuser ssh password csrole no none
2 entries were displayed.
... View more
Hi community! I´m a new in the container world but i would like to test Cloud Insights to monitor a Kubernetes local environment (installed by K3d wrapper). Is it possible? I have to do any specific configuration for it? Thanks in advance!
... View more
While other storage systems may provide some ransomware protection, they do not provide protection from insider threats. NetApp® storage systems are different. Very different. We are unique in the use of AI/ML to build a “normal access” profile for each user then monitor all user actions to spot any behavioral anomalies that indicate a possible threat (either malicious or accidental), then use automatic policies to stop an attack before it causes even more damage. Zero trust = zero tolerance By establishing a zero-trust architecture, you're not solely reliant on a trusted internal network. Many insider threat incidents that compromise your data can be caused by negligent or careless individuals who are already trusted members of the network. The zero-trust approach is key to stepping up your security and protection. This means that whenever unusual behavior is noticed — even from the CEO — quick action to block those users to prevent further data theft or file damage is initiated. These actions are just the first step. It can also help an enterprise by: Inspecting and analyzing all data access activity in real-time to detect malicious behaviors Zeroing in on the source of the suspicious behavior and attacks Alerting you immediately of a potential attack in progress Protecting user data and providing a safe restoration point if there’s a potential breach Increasing the speed at which you’re able to identify and recover potential damage Decreasing downtime While ransomware gets most of the attention in compromising critical data, Insider Threats are actually more costly to remediate due to the reported frequency of these incidents. The average ransomware incident remediation cost is around $1.4M, but the Insider Threat cost, while lower on a per-incident basis, is many times higher overall. The average organization remediation cost is approximately $15.4M per year. Ransomware protection is good, but it is only one part of the equation; NetApp is unique in providing storage systems protection, at the storage level, from insider threats, adding an additional layer of defense for business-critical data. Cloud Insights – Infrastructure Monitoring | NetApp
... View more
