1 / 26

Configuring and Managing a SafeNet StorageSecure Cluster

Configuring and Managing a SafeNet StorageSecure Cluster. Module 5: Lesson 1 SafeNet StorageSecure Storage Security Course. Lesson Objectives. By the end of this lesson, you should be able to: Configure a SafeNet StorageSecure cluster Manage a SafeNet StorageSecure cluster.

asta
Download Presentation

Configuring and Managing a SafeNet StorageSecure Cluster

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Configuring and Managing a SafeNet StorageSecure Cluster Module 5: Lesson 1 SafeNet StorageSecure Storage Security Course

  2. Lesson Objectives • By the end of this lesson, you should be able to: • Configure a SafeNet StorageSecure cluster • Manage a SafeNet StorageSecure cluster

  3. Clustered Environment

  4. Clusters • A cluster can include up to two SafeNet StorageSecure appliances • All cluster members maintain configuration information for the entire cluster • All cluster members use the same set of Recovery Cards • If members of the cluster go offline, some operations may be disabled to ensure data integrity

  5. Clusters and Subnets • In a NAS cluster the client-side NIC on both appliances must be on the same subnet • In case of appliance failure, all virtual servers (VIPs) in the failed SafeNet StorageSecure appliance move to the other cluster member

  6. Adding Cluster Members • Full or Machine Administrators only • Always zeroize appliance before adding to the cluster • Use Setup Wizard on existing cluster member or stand-alone appliance

  7. Setup StorageSecure Clusters using SafeNet StorageSecure Management Console

  8. Building SafeNet StorageSecure Clusters • Setup Wizard steps to build a cluster: 1. Launch the Setup Wizard. 2. Connect to the existing stand-alone StorageSecure appliance. 3. Choose “2” as the cluster size, and choose a shared secret. 4. Define the additional cluster members. 5. Present Recovery Cards.

  9. Launch the Setup Wizard

  10. Connect to Head of Cluster IP address of the stand-alone StorageSecure

  11. Choose the Cluster Size Select “2” as the cluster size

  12. Enter the Shared Secret Enter the Shared Secret in and confirm shared secret

  13. Enter New Node Information Complete the information for the node being added to the cluster Enter the VRID offset

  14. Virtual Router Redundancy Protocol

  15. About VRRP • Virtual Router Redundancy Protocol (VRRP) is a protocol based on Cisco proprietary HSRP protocol that was designed for high availability. • StorageSecure clusters use VRRP packet format for the heartbeat mechanism. VRRP is not completely implemented; only packet format is used for communication.

  16. About VRID • Cluster configuration requires Virtual Router Identifiers (VRIDs). • In the VRRP environment, each cluster member is assigned a VRID, which the cluster member uses for communication. • Cluster heartbeat uses a broadcast mechanism, which means the client-side of each cluster member must be on the same subnet, respectively. • Also, since the communication mechanism is broadcast-based, if there are multiple clusters on the same subnet, then the VRIDs of each cluster must be unique.

  17. About VRID offset • StorageSecure assigns a VRID for each node in the cluster. One node is assigned the address of the VRID offset and the other node is assigned the address of the VRID offset plus one. • If there are multiple clusters of StorageSecure on the network, set different VRID offset for each of them. • If other network appliances on the network are using VRRP, make sure to use a unique VRID in StorageSecure Cluster. • It is recommended to use a VRID offset equal or higher than 2.

  18. Manage Clusters

  19. Manage Clusters • Use the View Cluster Members tab to manage clusters (NAS only) • ConfigurationView Cluster Failover • Configuration database defines cluster status with Group State and Replication State

  20. Repliaction State

  21. Manage Failover • Cluster failover - some or all VRIDs serve the secondary SafeNet StorageSecure appliance • Use the View Cluster Failover tab • Failover triggers • Appliance reboot • New cluster • Intrusion detected

  22. Failures During Rekey—Cluster • Rekey will be available in StorageSecure Release 1.1

  23. Lesson Summary • In this lesson, you should have learned to: • Configure a SafeNet StorageSecure cluster • Manage a SafeNet StorageSecure cluster

  24. Hands on Exercise:Complete:15 StorageSecure Cluster

  25. Module Summary • In this module, you should have learned to: • Create a SafeNet StorageSecure Trustee Relationship • Configure and manage a SafeNet StorageSecure cluster • Identify the SafeNet StorageSecure KeySecure Appliance components and features • Configure the SafeNet KeySecure Appliance

  26. Thank You!

More Related