Following on from part 1, part 2 and part 3 where we covered PowerFlex SDNAS System Features and took a deeper look (and walkthrough) of supported NAS protocols and file system extension/shrinkage.
This post will cover key PowerFlex security features such as, D@re, Secure NFS, Directory and Naming services integration and CAVA.
Security
PowerFlex File provides a range of security features to help protect data stored in the file system. One key aspect of PowerFlex File’s security architecture is feature parity, which means that security features are consistent across all protocols and workflows. This helps to ensure that data is protected regardless of how it is accessed or used.
PowerFlex File supports various security protocols such as SMB, NFS, and SFTP, along with built-in support for data-at-rest encryption, including the AES-256 encryption algorithm, which is widely considered to be highly secure and robust.
In addition to encryption, PowerFlex File provides a number of other security features, such as access control lists (ACLs), which allow administrators to restrict access to specific files or directories. The solution also includes support for authentication protocols like Kerberos, which can help ensure that only authorized users are able to access sensitive data.
PowerFlex File also provides encryption workflows outside of file system workflows. This means that administrators can encrypt data using third-party encryption tools or processes, and then store the encrypted data in the file system. This can be useful in situations where encryption needs to be applied outside of the file system itself, for example when data is being replicated or migrated to other systems.
Directory and Name Servicing Integration
Integrating new products into existing environments and workflows can be a key challenge for IT operations. Understanding the concern, PowerFlex File helps address this challenge by supporting a range of directory and naming services that make it easy to integrate the file system with existing IT infrastructure. The solution provides built-in support for a variety of popular directory and naming services, including LDAP, DNS, NIS, and local files.
With LDAP integration, administrators can use existing directory services to manage users and groups, simplifying authentication and access control. PowerFlex File can also integrate with DNS servers to manage hostnames and IP addresses.
Additionally, NIS integration is also supported, enabling administrators to manage user and group information using NIS maps. PowerFlex File can also use local files for directory and naming services, making it easy to manage this information directly on the file system itself.
CAVA
While PowerFlex File, like any other file storage solution, can be vulnerable to virus attacks, appropriate security measures can help mitigate the risks. Without proper protection, files stored in PowerFlex File may be at risk of being infected by viruses, malware, or other types of malicious software.
To help address this concern, Dell has developed a software called Common Event Enabler (CEE), which is integrated with the Common Antivirus Agent (CAVA) to provide antivirus protection for files stored in PowerFlex File. CAVA provides a standardized interface for antivirus applications to scan files stored in PowerFlex File in real-time, enabling antivirus software to integrate with PowerFlex File and provide protection against malware and other security threats.
CAVA works by monitoring file system events, such as file creations, modifications, and deletions. When an event occurs, the CAA communicates with the antivirus software to scan the affected files. If a threat is detected, the antivirus software can take appropriate action, such as quarantining or deleting the infected file.
With the help of CEE and CAVA, PowerFlex File can be protected against virus attacks and other types of malware, ensuring the safety and integrity of the data stored within it.
