You may have received Mr. Gregoire's post...but the list didn't, because only
subscribers are allowed to post to this list. So, below was me copying from his
rejected post to the list. ---- Meanwhile.... I didn't really respond before
because our IT security group operates independently and without regard to
other IT units. IE: because one host was being DoS'd on port 22, they're going
to block port 22 at the border to everything... or large encrypted looking UDP
packets to port 53 look like P2P, so block it.... Why don't DNSSEC signed zones
resolve anymore? And, specifically, because they purchased their own NAS
appliance without any involvement outside of their group. So, we know nothing
about it, except that we have to give them rackspace, power/cooling and
networking. At least they didn't say anything about security...used to be the
only people with datacenter access were people that needed access to it. But,
person that issues access cards now...gives access to everything on those
cards. Annoying...there are telco closets where we have servers that I need to
get to...where I don't have access to, but new hires who don't work on campus
have access to everything here... Perhaps someday, I should 'lose' my
card....to finally get access to the other rooms. ---- OTOH, we have two tiers
of SAN storage.... Tier 1 is Oracle-branded Hitachi 9990 and Tier 2 is Oracle
6000 series storage. Until Oracle came in...we had been very happy with Sun
Storagetek branded Hitachi 9980 storage, and upgraded to 9990 a month before
Oracle announced it was ending its relationship with Hitachi. With Oracle and
Hitachi parted ways...Hitachi won't supply parts to Oracle should we need any
replacements or want to add storage. And, while Hitachi will assume the
remainder of any warranties, they won't buy out our 3yr Oracle support
contract. And, and if we add storage from Hitachi, it'll invalidate our Oracle
support contract. The 9990 is great, trying to figure out how to get support
and more storage.... No major complaints about the 6000 series storage, except
that it needs a disruptive firmware update to support all the client licenses
we purchased for it. Though not urgent because we're out ports on the current
switches, and first we need to replace current switches with new ones before we
get to adding more capacity. The current are McData switches...where we have
mostly upgraded to 2Gig. Working on getting a new Brocade...probably
16Gig....there is a push to get all the core infrastructure to 10Gig. The only
hard part of upgrading the fabric, is there are a lot more SAN hosts now...that
we have to go through and make sure that they are dual pathed and that they
have stablised on the path change before yanking the other one. In a previous
upgrade, we got caught by starting the switch of the second path too soon after
the first switch. And, in another upgrade, we discovered a host where one of
the HBAs had failed. For NAS, we are in the process of transitioning from (a
pair) NetApp FAS 3070.....to Oracle 7000 series storage. The NetApp has been
lots of trouble for us....it is in need of a disruptive firmware update, and
for all the money we pay in support...it doesn't cover them coming in to apply
the update. And, they wanted more than what we originally paid for it in
support past Nov 25th (still won't get us the new firmware or current problems
fixed...) So we got the Oracle 7420 instead... We had one application (Oracle
Financials), that had a small NFS filesystem from a Solaris 9 v240 cluster with
SAN attached storage ... that we were not able to migrate to the NetApp.
Performance degraded by several orders of magnitude, and the finance people
wouldn't tolerate it. So, it was the main requirement that what we replaced the
NetApp with a NAS where the finance people would be happy. (it was pretty much
the only thing we tried and got working during the try-and-buy period on it.)
We had other Solaris 9 clusters doing NFS that remained in service after we got
the NetApp....though we were trying to migrate everything until we started
having performance and stability problems. Though doesn't look like we'll get
fully migrated in time. I heard there's about 8TB of data to sync over, and its
only going at about 30Mbps...because having the NetApp crash is bad. Plus
things on the 7420 haven't been very good either. We're thinking that all the
problems with the 7420 was the real reason the admin for it had quit....he did
leave us to go work for a SAN/NAS storage maker. Also they originally said any
new features they add to the appliance, will just automatically available when
we upgrade....unlike other vendors that want money for every little thing.
Except that a recent update contains features that we need to pay extra to
get.... Probably the big problem with the 7420, is that we have its interface
tagged into different networks...and it will sometimes start using the wrong
network to talk back to the clients....and FWSM won't allow that. (we also did
it to avoid running NFS data through the F5 for hosts behind it....though we
don't do that anymore...plus we've been doing backups of hosts behind the F5
through it... someday we'll get the backup/management network run out to
everything...) Hopefully it'll all work out...and we can retire the old NFS
clusters...and free up the 9990 storage they're using. We did finally free up
the 6TB that mail was using....we outsourced mail a couple years ago, but we
were forced to keep the old mail storage around in case it was needed for
discovery purposes...but once the case was settled, we had to get rid of it
immediately. ---- Somebody mentioned the NetApp 'tax' for raw to usable storage
... isn't that normal with any storage that does some kind of RAID and hot
sparing? It was worse on the 9980, because its doing RAID 1+0 with hot spares
(though I understand its not as bad on the 9990, because the hot spares can be
used anywhere they're needed...and not tied to a specific group). Plus there's
also a bit of a difference in the capacity/cost of the kind of drives that go
into these systems than what you get from bestbuy....though try explaining that
to our users. Our NetApp started as an even mix of FC and SATA drives...but all
the additional trays have been SATA. Though the NetApp was something some
executives saw at some tradeshow and decided we had to have one (even when
another vendor came in with a better and lower bid for something else.) So we
have heard from other vendors, had we gotten a NetApp from them...they would've
treated us better than what we've been experiencing (and possibly something
more suited to our workloads.) Though the meetings we were having with these
other vendors was to get something to replace the NetApp. (think we were mainly
looking at IBM, HP, Oracle and EMC....and at one point 3 different vendors for
IBM and two different vendor for each HP and Oracle. Though I might be confused
on some...since at the same time as we were looking to replace our current NAS,
there were also talks on whether we should stay with Sun....) ----- Original
Message -----
> Mr. Chen,
> If you look below. You will see the results of your posting. I am not
> sure if this is what you wished to accomplish, but here it is. I can
> tell you that Mr. Gregoire's post did come through, OK. I read it
> before reading your post.
> Just trying to see if this was the results you wanted.
> Regards,
> Harvey
> " Experience is a hard teacher because she gives the test first , the
> lesson afterwards ." -- Unknown
> --- On Thu, 11/17/11, Lawrence K. Chen, P.Eng. <[email protected]> wrote:
> > From: Lawrence K. Chen, P.Eng. <[email protected]>
> > Subject: Re: [lopsa-discuss] Help from LOPSA-members in the Area of
> > NAS/SAN in use for Forensic Data ??
> > To: [email protected]
> > Date: Thursday, November 17, 2011, 1:46 PM
> > Andre tried to add....
> > Thanks Harvey for taking this initiative.
> > I will share what I can.
> > Basically there is new SPAM legislation (Bill C-28 aka CASL) in
> > Canada
> > and we are ramping up to start enforcing the legislation. The CRTC
> > is
> > setting up an evidence lab from scratch so we are starting from
> > nothing. We have already purchased Servers, Switches, Cabling but
> > nothing storage related yet.
> > We will need approx. 200TB of storage as we will be getting data
> > feeds
> > from several different sources, spam complaints, malware databases,
> > etc.. Basically we can get as many samples as we can handle.
> > We figure 20TB for the SAN portion which we will utilise for a
> > database and for quickly searching through data and the rest will be
> > a
> > NAS that won’t require the same level of performance.
> > We have a bunch of Mac laptops/desktops and will be using Virtual
> > images locally on those. We also bought or are in the process of
> > buying ESX in order to be able to run several different environments
> > to test the malware, etc...
> > We need to get setup ASAP and being part of Canadian government
> > there
> > are a lot of procurement rules. We want to fast track this and
> > purchase from the Standing Offers.
> > We have the choice between these 6 vendors: IBM, Hitachi, EMC, HP,
> > NetApp and Storageflex.
> > What I would like is peoples experiences with these vendors for
> > example:
> > · Did they deliver as promised?
> > · Were there hidden costs?
> > · Do you have problems with the hardware?
> > · Do you regret buying from them?
> > · How is the support?
> > · How easy is the management interface?
> > · How many FTE’s manage your Mass storage?
> > Anything you can tell me about these vendors will be helpful.
> > Thanks all for your time!
> > ________________________________
> > Andre Gregoire
> > Senior Enforcement Officer
> > Electronic Commerce Enforcement
> > Canadian Radio-television and Telecommunications Commission (CRTC)
> > [email protected]
> > Telephone 819-953-6972
> > Government of Canada
> > -----Inline Attachment Follows-----
> > _______________________________________________
> > Discuss mailing list
> > [email protected]
> > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
> > This list provided by the League of Professional System
> > Administrators
> > http://lopsa.org/
-- Who: Lawrence K. Chen, P.Eng. - W0LKC - Senior Unix Systems Administrator
For: Enterprise Server Technologies (EST) -- & SafeZone Ally Snail: Computing
and Telecommunications Services (CTS) Kansas State University, 109 East
Stadium, Manhattan, KS 66506-3102 Phone: (785) 532-4916 - Fax: (785) 532-3515 -
Email: [email protected] Web: http://www-personal.ksu.edu/~lkchen - Where: 11 Hale
Library
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
