"Stephen C. Losen" wrote:
Is the filer OS considered secure? Y2K compliant? Would you feel safe running your filer attached to potentially hostile web servers running user-uploaded CGI programs?
One of the latest versions purports to be y2k. The filer software and filesystem should not have trouble with "potentially hostile web servers". That is, the filer should stay running and serving files without trouble. However, the files themselves have the usual unix protections. So it's still up to you to configure the filer properly (to restrict access to certain hosts) and set proper file permissions (to restrict access to certain users on those hosts). And there are insecurities inherent to NFS, so you don't want to export filesystems to hosts that you don't have some control over.
Right, of course if you misconfig something you open yourself to mischief. What I want to get at is whether it is safe to have a filer attached to the net-at-large, or whether it needs to be firewalled or otherwise protected. Can you elaborate on the nfs insecurities you mention?
What kind of real-world bandwidth can it put out (F740) ? I see the transaction specs, but what about sustained mbits in a web-type environment (3x more reads than writes)?
Netapp prefers to measure "response time" vs. "transactions/sec". In other words, a filer might be showing tremendous throughput for one party, while starving out the others (delayed responses). In the real world, you want average response time to be as fast as possible because that is what people notice. Netapp has very impressive throughput and average response time does not degrade dramatically at high loads.
Excellent, but is the filer capable of overloading 100mbit ethernet? If so, just how much bandwidth should we spec out for it so that it can perform to its max abilities?