toasters April 2008

toasters@lists.teaparty.net

92 participants
54 discussions

RE: Restricting given file types from being written to CIFS volumes
by Gupta, Reena 01 Apr '08

01 Apr '08

Hi Jack, Your procedure looks correct, it matches with the example given on the NOW documentation. Check this link: http://now.netapp.com/NOW/knowledge/docs/ontap/rel724/html/ontap/filesag /accessing/task/t_oc_accs_enabling_native_file_blocking.html#t_oc_accs_e nabling_native_file_blocking Thanks, Reena Gupta ________________________________ From: Wu, Linda Sent: Tuesday, April 01, 2008 10:53 AM To: Gupta, Reena Subject: FW: Restricting given file types from being written to CIFS volumes Hi Reena, Could you reply this toaster email thread? I think you've already have the steps to do this procedure. thanks, -linda Linda Wu Sr. Manager, Prod. Mgmt & TME, Windows File Services NetApp Office: (408) 822-3560 Email: wu(a)netapp.com ________________________________ From: jack.revette(a)dowcorning.com [mailto:jack.revette@dowcorning.com] Sent: Tuesday, April 01, 2008 9:17 AM To: toasters(a)mathworks.com Subject: Restricting given file types from being written to CIFS volumes I've been searching this listserv as well as NOW.NETAPP resources to detemine if there was any easy way to preclude certain file types (e.g., .mp3) from being written to given volumes. It seems the answer was not natively, but it could be done through a business partner product which would be set up as a screening server, much like the AV virus scanning server. I'm thinking maybe it can be done natively by just not implementing the screening servers. My thoughts follow. Comments would be appreciated. display current setup: fpolicy create empy screening profile called restrict_filetypes fpolicy create restrict_filetypes screen limit this profile to volume fre (for my testing) fpolicy vol inc add restrict_filetypes fre limit this profile to filetype xxx (for my testing) fpolicy ext inc add restrict_filetypes xxx limit this profile to activities of create and rename (allow delete) fpolicy monitor add restrict_filetypes -p cifs -f create,rename in absence of screening server, required will deny the access rather than default of permit it fpolicy options restrict_filetypes required on display the profile fpolicy show restrict_filetypes enable the profile, -f forces it because there are no screening servers fpolicy enable restrict_filetypes -f undo it all fpolicy disenable restrict_filetypes fpolicy destroy restrict_filetypes

1 0

Restricting given file types from being written to CIFS volumes
by jack.revette＠dowcorning.com 01 Apr '08

01 Apr '08

I've been searching this listserv as well as NOW.NETAPP resources to detemine if there was any easy way to preclude certain file types (e.g., .mp3) from being written to given volumes. It seems the answer was not natively, but it could be done through a business partner product which would be set up as a screening server, much like the AV virus scanning server. I'm thinking maybe it can be done natively by just not implementing the screening servers. My thoughts follow. Comments would be appreciated. display current setup: fpolicy create empy screening profile called restrict_filetypes fpolicy create restrict_filetypes screen limit this profile to volume fre (for my testing) fpolicy vol inc add restrict_filetypes fre limit this profile to filetype xxx (for my testing) fpolicy ext inc add restrict_filetypes xxx limit this profile to activities of create and rename (allow delete) fpolicy monitor add restrict_filetypes -p cifs -f create,rename in absence of screening server, required will deny the access rather than default of permit it fpolicy options restrict_filetypes required on display the profile fpolicy show restrict_filetypes enable the profile, -f forces it because there are no screening servers fpolicy enable restrict_filetypes -f undo it all fpolicy disenable restrict_filetypes fpolicy destroy restrict_filetypes

3 2

Performance impact of in-lined firewalls/IDS
by Tom Yates 01 Apr '08

01 Apr '08

I have a bunch of filers that we use from various hosts for CIFS, NFS and iSCSI. Powers That Be are planning to put both a firewall and an adaptive IDS between my filers and my hosts. Does anyone have any rough and ready (ir ndeed, shiny and precise) numbers about what sort of performance impact this can have, recommendations for how to do it properly, or indeed solid data suggesting not to do it at all? Any experience with this? -- Tom Yates - http://www.teaparty.net

8 9

RAC install on NetApp
by Robert K. Borowicz 01 Apr '08

01 Apr '08

Toasters, My DBA just came to me and complained that a Ora RAC 10g build took 18 hours when using a Filer NFS mount. Seems I've heard of this issue before but forget the fix. Has someone seen this before ? TIA -Rob

6 6

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

toasters April 2008