Tech ONTAP Blogs

Demystifying BlueXP


BlueXP is NetApp’s SaaS-delivered unified control plane for storage and data services across on-premises and cloud environments. It delivers operational simplicity combined with powerful and intelligent data management, protection, mobility, and governance services. 


BlueXP Canvas.png


It's easier than you think

Getting started with BlueXP is as easy as getting started with any other SaaS service; such as LinkedIn, Office365, Salesforce, or even NetApp Active IQ. You point your browser to its URL ( and if you’re a NetApp customer, just log in with your NetApp Support Site (NSS) credentials. If you’re not already a NetApp support customer, simply register, create a userID and password, and begin using the service. There’s nothing to install, nothing to deploy – just login and get started. 


Once logged in, you can do several things: 


Connectors take it up a level

Connectors are a very common component in SaaS solutions, acting as a bridge between different environments to ensure information passes between them in a secure, scalable manner.  Connectors are regularly found in cloud services (such as those from AWS, Azure, Google, etc.) especially when interacting with on-premises assets or as a bridge to enable cross-environment interoperability.  
Not surprisingly, Connectors are an important part of unlocking more advanced capabilities in the BlueXP architecture. These highly secure modules enable the management of resources and processes across your on-premises and cloud environments.
Once deployed, Connectors bring additional capabilities beyond those noted above, including:
  • Manage AFF and FAS systems running ONTAP 9.10.0 or later via integrated System Manager
  • Basic volume operations for AFF and FAS systems running ONTAP 8.3 or later 
  • Manage E-Series, EF-Series, and StorageGRID systems via integrated management interfaces 
  • Setup and manage Cloud Volumes ONTAP
  • Manage Amazon FSx for NetApp ONTAP volumes 
  • Discovery of Amazon S3 and Azure Blob 
  • Utilize advanced data services including:

Deploying Connectors – let BlueXP help you 
Connectors run in a virtual machine in either your on-premises and/or cloud environment. The recommended way to deploy a Connector is directly from BlueXP to a VM in your Amazon Web Services (AWS), Microsoft Azure, or Google Cloud account. This is the easiest and fastest option as BlueXP's intuitive and automated setup wizard walks you through the process.  
Connector cloud providers.png

Cloud-resident Connectors can also be deployed from the AWS or Azure marketplace. And you have the option to download and install the Connector software on a dedicated Linux host in your network. Details on server requirements, credentials/authentication, networking information, and process steps are in the documentation.

When you create your first Connector, BlueXP automatically uses that Connector for each of your working environments. You can also choose to have multiple Connectors and switch between them; for example, if you’re working in a multi-cloud environment, you might want a Connector in each cloud. There are cases where Connectors must be deployed in the same cloud as your working environment, but any cloud is fine for managing on-premises resources.
Where should your Connectors live? 
Choosing where to deploy your Connector comes down to a few basic decisions related to the working environment and your preference for installation, maintenance, and costs.

Deploying the BlueXP Connector in your cloud environment is the easiest from a deployment and maintenance perspective as wizards guide you through the setup and you’ll always have the most current enhancements and security patches thanks to automatic updates. However, you will have a nominal recurring cost for the Connector’s cloud instance. [4] 

An on-premises deployment will not have recurring cloud cost, but you will need to supply the Linux host and the Connector installation and updates are manual.  
How do Connectors work?
As noted, Connectors are highly secure and maintained in the customer’s environment (either on-prem or in the cloud). The Connectors allow the API calls to connect, authenticate, and communicate between different resources across environments.
Worth noting is how the BlueXP SaaS layer interacts with the Connector. The user’s browser connects to the SaaS layer, which is where the UI is running. The Connector executes the commands/actions that the SaaS layer needs to perform. It receives these commands by constantly polling the SaaS layer for any actions that need to be taken. Once the command is received, the Connector executes the action to the specific resource. To ensure strict security compliance, the BlueXP SaaS layer never reaches inbound to the customer environment.

Connectors and APIs.png
Customers with exceptional security restrictions limiting or prohibiting internet access can run BlueXP on-premises in private mode (commonly known as a ‘dark site’ installation).   
BlueXP is a SaaS-delivered unified control plane that increases a customer’s visibility and control over an increasingly complex hybrid multicloud world. It’s as simple to use as accessing and either a) using existing NetApp Support Services (NSS) account to login, or b) registering and creating an account. Initial tasks can be performed immediately, without the need to install or deploy any further components. More advanced tasks can be done by deploying a Connector in you environment of choice (on-prem or cloud). Find out more at 
[1] A Connector is required to create and manage volumes, replicate data, and integrate FSx for ONTAP with BlueXP services
[2] A Connector is required to add Cloud Volumes ONTAP node-based licenses to the Digital Wallet
[3] BlueXP classification (Cloud Data Sense) requires a scanner module be installed locally with the data sources (i.e. on-prem) so that data never exits the customer’s secure environment during scanning/analysis
[4] For example, an AWS t3.xlarge virtual machine ranges from approximately $60/mo with a 3 yr commitment to $129/mo on-demand non-discounted; please check the supported models for your hyperscaler.