We evaluated a 7310 with 4 aggregated gE interfaces and were immediately impressed with the performance.
The company now has a 7410 that was recently configured.
One thing I noticed in the evaluation was that unlike the NetApp 6070 it may replace, there is no host-based security. At least, nothing I've found in the documentation/admin guide or in the BUI itself alludes to that ability. The shares have to be read-write for obvious reasons.
There is nothing preventing a user with root privileges on some Linux box to mount the share, create a local user with the same UID/GID as the systems that write the data and wreak havoc.
Short of separating the 7410 to another VLAN, has anyone found a way to secure by host?
I asked a Sun engineer during the configuration and he admitted there was no way to do this in the 7410 itself. Hopefully, someone has run across this?
Its a shame really, as NetApp has become the force it has today partly because of Sun. Early NetApp boxes were NFS servers. NFS is a Sun invention which they opened up back in the late 80's.
How did you secure by IP address? I've looked all over (I think) and have come up empty so far.
Best way I've now found of creating CIFS shares on these is:
Create the CIFS share on the Sun box with everyone Full Control, don't make it a hidden $ share (you can do this afterwards if needed)
In windows, browse to the root of your S7000, so for example in Windows go to \\SUNBOXNAME\
You will see any non hidden shares, right click on the one you've created and set the permissions required for the share.
If you want to make it a hidden share, go back in the Sun box and chaneg the share name to one with a $ on the end.
I found, especially with earlier versions of the Sun software, that when you try creating the permissions directly on the Sun box it doesn't always work as expected.
Thanks guys. I'll give that method a shot. I am running the latest build so there should be few issues...I hope.
Are the default share settings ok to go with as well?
I'll grab you some screenshots etc of what to set when I'm in the office tomorrow.
Our solution to this was to create a share for the year group's userspace and a share for their roaming profiles. Because only the Sun box can create a share (without fiddling with automated workflows), we created folders inside these shares for each user using our batch user creation tool (UMRA from tools4ever) that happily sees the Sun share as a standard Windows share and will make folders and set permissions on them with no problems.
I'd love to use hidden $ shares, but Backup Exec won't see them or back them up...
Definitely agree on setting permissions, I think the Sun whitepaper on MS Windows integration actually recommends you set permissions through Windows rather than the box itself.
Stupid question, but how are you doing this bit:
the individual user profile folders and Documents folders are created automatically at first login