Sun StorageTek Compliance Archiving System Policy and Procedures Guide
This guide provides policies, procedures, guidelines, and recommendations for deploying and configuring a complete compliance solution using a Sun StorageTek Compliance Archiving System. This document does not address all of the business practices and policies that are required for a complete compliance solution. It is limited to those related to the Sun StorageTek Compliance Archiving System.
This guide is required reading for any person responsible for administering or servicing the Compliance Archiving System, including but not limited to Sun support personnel.
It is divided into the following sections:
The Sun StorageTek Compliance Archiving System is a combination of the Sun StorageTek Compliance Archiving Software and any of the Sun StorageTek NAS appliances or gateway systems.
The appliance or gateway system connects directly to a network as easily as a network printer. It features high-speed RAID controller architecture and redundant components that improve data availability. The modular, scalable appliance or gateway system offers nonstop performance for optimum file-sharing capabilities.
The Sun StorageTek Compliance Archiving Software is extension software, enabled by a license key, that provides compliance with stringent data management and retention requirements. You can configure the system for mandatory or advisory enforcement:
With the Sun StorageTek Compliance Archiving System providing the storage component, a complete compliance solution requires a software application so that users can manage documents and records, for example, Sun Partner Advantage Program Enterprise Content Management (ECM) applications or Integrated Document Archive and Retrieval Systems (IDARS) applications.
In addition to the storage and management system, your business practices and IT policies create the complete compliance solution.
This section provides details of the Sun StorageTek Compliance Archiving System.
The storage component of the Sun StorageTek Compliance Archiving System can consist of any of the following:
The appliances are mid-tier, network-attached software and hardware that provide file services to both UNIX® and Windows clients, using standard access protocols such as Network File System (NFS) and Common Internet File System (CIFS).
Each appliance and gateway system provides the features typical of network-attached storage (NAS) appliances, including point-in-time file system checkpoints ("snapshots"), and clustering for high availability.
Each appliance can be configured to use SCSI, Fibre Channel (FC), or Serial Advanced Technology Attachment (SATA) disk drives, or to act as a gateway system to other network storage. The storage capacity is configurable and can be scaled as needed:
The Compliance Archiving software operates on file volumes that have been created as compliance-enabled. Its functionality consists of these major features:
For test environments or for deployments with less stringent requirements, the Compliance Archiving Software provides the option of advisory enforcement that overrides some of these features.
With the standard, mandatory enforcement, no one can delete a WORM file before its retention date, decrease a WORM file's retention time, or delete a compliance volume. Under the advisory enforcement option, an authorized administrator can decrease a WORM file's retention time and delete a WORM file before its retention date. These operations are logged in the audit log.
Note - File volumes that are compliance-enabled might have slightly lower performance than volumes without this protection.
The term "WORM" means "write-once, read-many" and indicates that the file is archived in non-rewritable, non-erasable storage. A more accurate description is to call these files "permanent read-only" files.
A file can be created with the normal access controls and modified as needed, but after it becomes a WORM file, the Compliance Archiving software enforces stronger access controls than the traditional file access semantics provided by the NFS and CIFS protocols.
When a data management application designates a file as WORM, the file becomes permanently immutable. WORM files cannot be modified, extended, or renamed. A WORM file can be deleted only when its retention time has been met and in accordance with the file retention rules.
In addition to providing storage for WORM files, the Compliance Archiving System supports backup to immutable tape media, or WORM tape.
Note - Checkpoint files cannot be restored over write-once, read-many (WORM) files.
The Compliance Archiving Software associates a retention period with each WORM file. If you or the data management application that writes files to the volume does not set a retention period explicitly for each file, the default retention period is used.
When the retention period expires, you can delete a WORM file or extend its retention period. With the advisory compliance option, you can decrease the retention period for a file to allow it to be deleted. With the mandatory compliance option, you cannot decrease the retention period.
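The retention rules described above, written out as a small model. This is an added example, not Sun's code or the Compliance Archiving API; the class and function names, the use of seconds for time, the default period, and the choice to log every attempt are assumptions made for illustration.

```python
from dataclasses import dataclass, field

DEFAULT_RETENTION = 3600  # constructed default retention period, in seconds

@dataclass
class WormFile:
    retain_until: float  # time after which the file may be deleted

@dataclass
class ComplianceVolume:
    mode: str = "mandatory"                    # "mandatory" or "advisory"
    files: dict = field(default_factory=dict)  # name -> WormFile
    audit: list = field(default_factory=list)  # (time, user, op, name, outcome)

    def _log(self, now, user, op, name, allowed):
        # Every attempt is recorded, whether or not it was permitted.
        self.audit.append((now, user, op, name, "allowed" if allowed else "denied"))
        return allowed

    def commit(self, name, now, retention=None):
        # The default retention period applies when none is set explicitly.
        period = DEFAULT_RETENTION if retention is None else retention
        self.files[name] = WormFile(now + period)

    def modify(self, name, now, user):
        # WORM files cannot be modified, extended or renamed in either mode.
        return self._log(now, user, "modify", name, False)

    def set_retention(self, name, now, user, retain_until, is_admin=False):
        f = self.files[name]
        extending = retain_until >= f.retain_until
        # Extending is always allowed; decreasing only for an advisory-mode admin.
        ok = extending or (self.mode == "advisory" and is_admin)
        if ok:
            f.retain_until = retain_until
        return self._log(now, user, "extend" if extending else "decrease", name, ok)

    def delete(self, name, now, user, is_admin=False):
        expired = now >= self.files[name].retain_until
        ok = expired or (self.mode == "advisory" and is_admin)
        if ok:
            del self.files[name]
        return self._log(now, user, "delete" if expired else "early-delete", name, ok)

def overrides(volume):
    """Audit entries where advisory mode let an administrator shorten protection."""
    return [e for e in volume.audit
            if e[2] in ("decrease", "early-delete") and e[4] == "allowed"]
```

On a mandatory volume `overrides()` is always empty; on an advisory volume it lists the entries a records manager would want to review.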
Some system administration functions are disabled or restricted on compliance-enabled file volumes to ensure the retention and preservation assurances of WORM files and retention periods. These restrictions affect functions that could be used to circumvent a file's retention, for example, by deleting the file's volume.
The Compliance Archiving Software retains immutable records of all compliance-related activities that occur on the system. It maintains a text-based log file of attempts to modify or delete data, with or without proper authority. Auditing is enabled through the use of the Data Retention Audit Service (DRAS) API, which includes the following features:
The following events are audited:
A full description of the audit log provided by this service is in Chapter 9 of the Sun StorageTek NAS OS Administration Guide.
When you enable antivirus protection on a compliance-enabled volume, the following cases are handled in a special manner:
For more information about virus scanning, see Chapter 4 of the Sun StorageTek NAS OS Administration Guide.
This section provides guidelines for the physical configuration of a Sun StorageTek Compliance Archiving System.
Software features and hardware storage cannot protect data against accidental or malicious physical destruction, such as the removal and reformatting of one or more hard drives.
Caution - You must take the appropriate steps to ensure the physical security of the data stored in the Sun StorageTek Compliance Archiving System.
In addition, you must monitor the state of the batteries in the RAID Controller and the system BIOS and replace them in accordance with Sun's maintenance guidelines.
The Sun StorEdge 5300 RAID EU Controller Enclosure and the Sun RAID expansion unit controllers must not be connected to any computer system that is not part of the appliance. This restriction applies to both Fibre Channel and Ethernet connections.
The Compliance Archiving Software runs on the appliance and cannot control or restrict the behavior of other computer systems that might be attached to the RAID controllers. If other computers are attached to the RAID controllers, the Compliance Archiving Software can no longer protect WORM files from accidental or malicious corruption.
The only circumstance in which an expansion unit can ever be connected to a computer that is not part of the appliance is when authorized and trained Sun Service personnel are troubleshooting an appliance or gateway system.
For the additional protection of data in transit to and from the Sun StorageTek Compliance Archiving System, consider the use of a dedicated private network for data traffic between the Compliance Archiving System and the servers running the record or document management applications.
This section provides recommendations and guidelines for the software configuration of a Sun StorageTek Compliance Archiving System.
The Sun StorageTek Compliance Archiving System enforces data retention rules and policies, so some file system operations behave differently on compliance-enabled file systems than they do on non-compliant file systems. To ensure the correct management of retained data, the Sun StorageTek Compliance Archiving Software must be used by applications that have been modified explicitly to manage file retention, using the Sun StorageTek Compliance Archiving Software's API. This interface and the behavior of compliance-enabled file volumes are described in Appendix C of the Sun StorageTek NAS OS Administration Guide.
The Compliance Archiving Software provides two modes of operation:
You use the fsctl command to change the operating mode. To set the operating mode to run in emulation mode, use the command:
> fsctl compliance mode emulation
If you need to set the mode of operation back to the default operating mode, use the command:
> fsctl compliance mode standard
To provide accurate auditing of system reconfiguration, errors, faults, and other events, it is strongly recommended that you enable persistent system logging. By default, the appliance logs these events only to system memory. As a result, log information is lost when the system reboots. Configure the Sun StorageTek Compliance Archiving System either to store log data on one of its file systems or to send log data to a remote syslog server. For instructions on configuring system logging, see "Setting Up Logging" in Chapter 2 of the Sun StorageTek NAS OS Administration Guide.
By enabling system auditing, you can record details of when advisory compliance volumes are deleted. Records of volume deletions, in addition to other system events, are captured in audit log files. For instructions on how to enable system auditing, see Chapter 10 of the Sun StorageTek NAS OS Administration Guide.
Remote administrative access to the appliance must be limited to secure protocols. To configure the appliance to limit remote access, follow the directions in Chapter 12 of the Sun StorageTek NAS OS Administration Guide.
Select the Secure Mode check box to restrict access to Secure Web Admin and Secure Shell. This protects administrative passwords when they are sent over the network to the appliance.
Configure Network Time Protocol (NTP) to ensure timestamps of compliance-enabled volumes are accurate. NTP synchronizes the system clock with multiple redundant servers and diverse network paths to achieve high accuracy and reliability. For information about how to set up NTP, see Chapter 4 of the Sun StorageTek NAS OS Administration Guide.
For more information about the Sun StorageTek Compliance Archiving System, see the product documentation for your appliance at this URL:
http://www.sun.com/products-n-solutions/hardware/docs/Network_Storage_Solutions/nas/
Copyright © 2007, Sun Microsystems, Inc. All Rights Reserved.