SA-S500 Configuration Guide - Broadcom Inc.

Security Analytics Configuration Guide for SA-S500 Series 4 Jun 2019


© 2019 Symantec Corp. 2 of 25 Updated 4 Jun 2019 SA-S500 Configuration Guide

Document Version 1.4

Copyright © 2019 Symantec Corp. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Blue Coat, and the Blue Coat logo are trademarks or registered trademarks of Symantec Corp. or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. SYMANTEC CORPORATION PRODUCTS, TECHNICAL SERVICES, AND ANY OTHER TECHNICAL DATA REFERENCED IN THIS DOCUMENT ARE SUBJECT TO U.S. EXPORT CONTROL AND SANCTIONS LAWS, REGULATIONS AND REQUIREMENTS, AND MAY BE SUBJECT TO EXPORT OR IMPORT REGULATIONS IN OTHER COUNTRIES. YOU AGREE TO COMPLY STRICTLY WITH THESE LAWS, REGULATIONS AND REQUIREMENTS, AND ACKNOWLEDGE THAT YOU HAVE THE RESPONSIBILITY TO OBTAIN ANY LICENSES, PERMITS OR OTHER APPROVALS THAT MAY BE REQUIRED IN ORDER TO EXPORT, RE-EXPORT, TRANSFER IN COUNTRY OR IMPORT AFTER DELIVERY TO YOU.

Americas: Symantec Corporation 350 Ellis Street Mountain View, CA 94043

Rest of the World: Symantec Limited Ballycoolin Business Park Blanchardstown, Dublin 15, Ireland


About This Document

This document contains instructions to configure a Security Analytics SA-S500-20-FA or SA-S500-40-FA Forensic Appliance as a head unit that is attached to one or more Symantec J5300 40T Direct-Attached Storage modules or Dell® PowerVault® MD1400 Direct Attached Storage modules.

To connect an SA-S500-30-FA to storage arrays over Fibre Channel connections, consult Security Analytics Configuration Guide for E5660 300T Intelligent Storage Arrays.

For the quick-start guides for each hardware unit, select Getting Started Guide for the document type.

For assistance with system configuration:

• Symantec Support: support.symantec.com/en_US/contact-support.html

• Security Analytics Documentation: support.symantec.com/content/unifiedweb/en_US/Documentation.1145515.html


Table of Contents

1. Requirements
    1.1. Terminology
    1.2. Server I/O Configuration
        SA-S500-20-FA
        SA-S500-40-FA
    1.3. Storage Module I/O Configuration
        Symantec J5300 Direct Attached Storage
        Dell PowerVault MD1400 Attached Storage

2. Cable the Storage Modules
    2.1. Cable Orientation
    2.2. One RAID-Controller Setups
    2.3. Two RAID-Controller Setups
    2.4. Initial Configuration
    2.5. Establish a Connection to the Head Unit
    2.6. Configure Initial Settings
    2.7. View the Default File-System Allocation
    2.8. Verify System Health

3. Run the carve-s500 Script

4. Next Steps

Appendix A: RAID Array Configurations
    SA-S500-20-FA Setups
        SA-S500-20-FA Standalone
        SA-S500-20-FA plus 1 J5300 or 1 MD1400
    SA-S500-40-FA Setups
        SA-S500-40-FA Standalone
        SA-S500-40-FA plus 1 J5300 or 1 MD1400
        SA-S500-40-FA plus 2 J5300s or MD1400s
        SA-S500-40-FA plus 3 J5300s or MD1400s
        SA-S500-40-FA plus 4 J5300s or MD1400s
        SA-S500-40-FA plus 5 J5300s or MD1400s
        SA-S500-40-FA plus 6 J5300s or MD1400s

Appendix B: carve-s500 Help

Updates to This Document

Date | Page | Update
4 Jun 2019 | 8, 19 | Return the second JBOD to the SA-S500-20-FA setup
21 May 2019 | 15 | Add a reboot before running the carve-s500 script
15 Mar 2019 | — | Update doc links
17 May 2018 | 11 | Add serial connection settings
16 May 2018 | 19 | Remove SA-S500-20-FA setups with 2 and 3 JBODs


1. Requirements

This installation requires the following:

• One head unit:

o Security Analytics SA-S500-20-FA Forensic Appliance

o Security Analytics SA-S500-40-FA Forensic Appliance

• One or more storage modules:

o Symantec J5300 40T Direct Attached Storage (SA-J5300-DAS-40T)

o Dell® PowerVault® MD1400 Attached Storage (SA-SM-48T-G6)

• Workstation with Ethernet port and terminal-emulation software

Adding storage modules to an existing system is a destructive process, because all of the capture and indexing drive arrays must be reconfigured. Do not begin to add new storage to an existing system until after you have backed up all capture, indexing, and system data. (Consult the Reference section of the Help Files for instructions on backing up system data using dsmigratedata, scm migrator, or solera-backup.sh.)

1.1. Terminology

The following usage appears in this document:

• Head Unit—An SA-S500-[20|40]-FA that has one or more connected storage modules

• Server—An SA-S500-[20|40]-FA, either a head unit or a standalone unit

• Storage Module—A J5300 Direct Attached Storage or MD1400 Attached Storage module

• Array—A logical set of virtual disk groups; Security Analytics requires three arrays: system, indexing, and capture.


1.2. Server I/O Configuration

SA-S500-20-FA

SA-S500-40-FA

1.3. Storage Module I/O Configuration

Symantec J5300 Direct Attached Storage


Dell PowerVault MD1400 Attached Storage

The rightmost two SAS ports (3, 4) on each I/O controller are used only in a two-node failover or dual-homed configuration, which Symantec does not support for Security Analytics.


2. Cable the Storage Modules

Cable all of the units together as shown.

You must connect the storage modules to the head unit BEFORE continuing to the next step.

2.1. Cable Orientation

When inserting the SAS-3 cables into the SA-S500 and J5300 plugs, the release tab on the connectors should be on the bottom, as shown.

For the MD1400, the release tab should be on the top.

A properly inserted cable will "click" into place.

2.2. One RAID-Controller Setups

Use this cabling schema for the SA-S500-20-FA, or if you will be connecting one or two storage modules to the SA-S500-40-FA.


If you are connecting only one storage module to an SA-S500-40-FA, DO NOT connect the module to both RAID controllers.


2.3. Two RAID-Controller Setups

Use this cabling schema for the SA-S500-40-FA, where you have two or more storage modules.


2.4. Initial Configuration

Power on the storage modules first, then power on the head unit. Have you already configured an IP address for eth0 (SYS MGMT 0:0)?

• Yes—Have you licensed the head unit?

    o Yes—Go to Step 2.7: View the Default File-System Allocation.

    o No—Go to Step 2.6: Configure Initial Settings.

• No—Continue the procedure.

2.5. Establish a Connection to the Head Unit

On a newly purchased SA-S500-[20|40]-FA, the management interface (eth0, SYS MGMT 0:0) is set to 192.168.20.20. Do one of the following:

• Using an Ethernet cable, connect the SYS MGMT 0:0 port to a management workstation. The management workstation should have an IP address in the 192.168.20.0/24 network. Launch a web browser, navigate to 192.168.20.20, and go to Step 2.6.1.

• Using a null-modem serial cable, connect the serial port to a serial terminal or to a workstation with terminal-emulation software. Configure the serial connection as follows:

    o Baud rate: 9600 bps

    o Data bits: 8

    o Parity: none

    o Stop bits: 1

    o Flow control: none

Follow Steps 2.5.1 through 2.5.3 to assign a temporary IP address.

2.5.1. Log in to the CLI via SSH using the following credentials: admin | Solera


2.5.2. Use ifconfig to temporarily assign an IP address to the management interface (eth0) that is accessible by your management workstation. This IP address will be valid until the appliance reboots:

sudo ifconfig eth0 <ip_address> netmask <subnet_mask>;sudo route add default gw <default_gateway_ip>

2.5.3. Launch a web browser and navigate to the IP address for eth0. Continue to the next section.

2.6. Configure Initial Settings

2.6.1. At the Login page, enter the default username and password, both of which are case-sensitive: admin | Solera

2.6.2. Consult the Initial Settings page of the Help Files for instructions on initial appliance configuration, password setting, and licensing.

• The Help Files are available on support.symantec.com/en_US/Documentation.html. Enter Security Analytics for Product Name and then select Administration Guide for Document Type.

Setting the root and admin passwords on the Initial Settings page is required. When you click Save, the default passwords for those accounts are destroyed.

Symantec Support does not have a master password for root or admin access, and there is no backup mechanism for your new passwords.

Follow best key-maintenance practices by manually recording your passwords and by keeping a copy in a secure location that is separate from the appliance.

2.6.3. When the head unit reboots after licensing, continue the procedure.

2.7. View the Default File-System Allocation

2.7.1. Access the console by one of these two methods:

• Using an Ethernet cable, connect the SYS MGMT 0:0 port (eth0) to a management workstation with an IP address in the same network as eth0. Establish an SSH session.

• Using a null-modem serial cable, connect the serial port to a serial terminal or to a workstation with terminal-emulation software.

2.7.2. On the console, log in as root. Display the current file-system allocation.

[root@hostname ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda4       4.9G  2.9G  1.8G  62% /
devtmpfs         64G     0   64G   0% /dev
tmpfs            64G   11M   64G   1% /dev/shm
tmpfs            64G  202M   63G   1% /run
tmpfs            64G     0   64G   0% /sys/fs/cgroup
/dev/sda2       1.5G   64M  1.4G   5% /boot
/dev/sda6       2.0G  506M  1.4G  28% /gui
/dev/sda7       3.6T  197M  3.4T   1% /home
/dev/sda3        68G  2.1G   62G   4% /var
/dev/sda5       4.9G  138M  4.5G   3% /ds
/dev/sdc1       9.1T  9.1T     0 100% /pfs
/dev/sdb1       3.7T   90M  3.5T   1% /var/lib/solera/meta
gaugefs         9.1T  9.1T     0 100% /etc/solera/flows
tmpfs            13G     0   13G   0% /run/user/0
tmpfs            13G     0   13G   0% /run/user/48

2.7.3. Notice the size of /pfs (capture). It should be ~9TB for the -20-FA and ~25TB for the -40-FA.

2.8. Verify System Health

2.8.1. View the RAID controllers, current volumes, and disk health.

[root@hostname ~]# lsi-show

Controller Information
Id  Serial No   Firmware       Encl  LD  PD  Product Name
a0  SV40917315  3.410.35-3698  1     3   12  LSI MegaRAID SAS 9271-8i

Enclosure Information
Id  Drives
47  120 107 101 100 102 109 115 103 99 104 111 119

Logical Drive Information
Id  Size      Status   Stripe  Raid Level  Cache
0   3.637 TB  Optimal  64 KB   Primary-5   WriteBack, ReadAhead, Direct, Write Cache OK if Bad BBU
    by id: 120,107,101
    by es: 47:8,47:9,47:10
1   3.637 TB  Optimal  256 KB  Primary-5   WriteBack, ReadAhead, Direct, Write Cache OK if Bad BBU
    by id: 100,102,109
    by es: 47:11,47:12,47:13
2   9.093 TB  Optimal  256 KB  Primary-5   WriteBack, ReadAhead, Direct, Write Cache OK if Bad BBU
    by id: 115,103,99,104,111,119
    by es: 47:14,47:15,47:16,47:17,47:18,47:19

Physical Drive Information
Id   E:S    Status           FC    Size      Inquiry
120  47:8   Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S4607MYA
107  47:9   Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460MNAL
101  47:10  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460N60E
100  47:11  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460JFVR
102  47:12  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460JFVY
109  47:13  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460N5SP
115  47:14  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S4604HGH
103  47:15  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460FDQ5
99   47:16  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460N5YF
104  47:17  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460N5SX
111  47:18  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460N5SJ
119  47:19  Online, Spun Up  None  1.819 TB  SEAGATE ST2000NX0353 EF04S460CW47

2.8.2. The first part of the output shows that the internal RAID controller (a0) controls the disks in the head unit (12 for the -20-FA and 24 for the -40-FA) and that three volumes (0, 1, 2) are configured by default. This example shows the default configuration for a -20-FA.


Controller Information
Id  Serial No   Firmware       Encl  LD  PD  Product Name
a1  SV55263940  4.230.20-3532  1     0   12  LSI MegaRAID SAS 9380-8e

Enclosure Information
Id  Drives
8   10 11 13 15 20 9 14 16 17 12 19 18

Physical Drive Information
Id  E:S   Status                       FC    Size      Inquiry
10  8:1   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8E4VS
11  8:2   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8ELBS
13  8:3   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EMKS
15  8:4   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EMYS
20  8:5   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8DVVS
9   8:6   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8BKBS
14  8:7   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8ELAS
16  8:8   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EP5S
17  8:9   Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8E37S
12  8:10  Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8RBTS
19  8:11  Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EN5S
18  8:12  Unconfigured(good), Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8E8MS

2.8.3. For each external RAID controller (a1, a2), you should see 12 physical drives per storage module.

2.8.4. For ALL physical disks, is the status Online, Spun Up or Unconfigured (good), Spun Up?

Yes—Continue the procedure.

No—STOP.

You cannot "work around" damaged disks: Security Analytics requires that the number of disks be identical across all disk groups (virtual drives).

• Repair or replace the damaged disks.

• When all disks are in good condition, you can continue the procedure.
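
The checks in Steps 2.8.3 and 2.8.4 can be scripted so that the procedure stops before carve-s500 runs against a degraded disk set. The following is an added example, not part of this guide or of the appliance software. It assumes lsi-show prints one physical drive per row in the column order shown in Step 2.8.1; the function names are hypothetical and the sample data is constructed.

```sh
#!/bin/sh
# Added example: gate for Steps 2.8.3-2.8.4. Reads lsi-show text on stdin and
# fails unless every physical drive is healthy and each external controller
# holds a multiple of 12 drives (12 per storage module).
# Assumption: one drive per row, "<id> <encl>:<slot> <status> <FC> <size> <inquiry>".
check_lsi_drives() {
    awk '
        /^Controller Information/     { section = "ctrl"; next }
        /^Enclosure Information/      { section = "encl"; next }
        /^Logical Drive Information/  { section = "ld";   next }
        /^Physical Drive Information/ { section = "pd";   next }

        # Controller rows start with a0, a1, a2, ...
        section == "ctrl" && $1 ~ /^a[0-9]+$/ {
            ctrl = $1
            if (!(ctrl in count)) { order[++n] = ctrl; count[ctrl] = 0 }
            next
        }

        # Drive rows: numeric id, then enclosure:slot, then a three-word status.
        section == "pd" && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+:[0-9]+$/ {
            count[ctrl]++
            status = $3 " " $4 " " $5
            if (status != "Online, Spun Up" &&
                status != "Unconfigured(good), Spun Up") {
                printf "BAD %s drive %s slot %s: %s\n", ctrl, $1, $2, status
                bad++
            }
        }

        END {
            for (i = 1; i <= n; i++) {
                c = order[i]
                printf "%s: %d physical drives\n", c, count[c]
                # a0 is the internal controller; the others are external.
                if (c != "a0" && (count[c] == 0 || count[c] % 12 != 0)) {
                    printf "BAD %s: expected 12 drives per storage module\n", c
                    bad++
                }
            }
            exit (bad > 0 ? 1 : 0)
        }
    '
}

# Constructed sample, not captured output: a0 with 12 drives and a1 with one
# 12-drive storage module. $1 optionally overrides the status of a1 slot 3.
# Serial, vendor and model strings are placeholders.
sample_lsi_show() {
    default_status='Unconfigured(good), Spun Up'
    override=${1:-$default_status}
    for ctrl in a0 a1; do
        if [ "$ctrl" = a0 ]; then encl=47; base='Online, Spun Up'
        else encl=8; base=$default_status; fi
        printf 'Controller Information\n'
        printf 'Id Serial No Firmware Encl LD PD Product Name\n'
        printf '%s SERIAL-%s 0.0.0 1 0 12 PLACEHOLDER CONTROLLER\n' "$ctrl" "$ctrl"
        printf 'Physical Drive Information\n'
        printf 'Id E:S Status FC Size Inquiry\n'
        slot=1
        while [ "$slot" -le 12 ]; do
            status=$base
            if [ "$ctrl" = a1 ] && [ "$slot" -eq 3 ]; then status=$override; fi
            printf '%d %d:%d %s None 3.638 TB VENDOR MODEL SERIAL%02d\n' \
                "$((slot + 10))" "$encl" "$slot" "$status" "$slot"
            slot=$((slot + 1))
        done
    done
}

# Demo on the constructed sample; on the appliance: lsi-show | check_lsi_drives
sample_lsi_show | check_lsi_drives && echo "OK: continue the procedure"
sample_lsi_show 'Unconfigured(bad), Spun Up' | check_lsi_drives ||
    echo "STOP: repair or replace the damaged disks"
```

A status that is not three words long is still reported as BAD, although the status text printed for it will include the neighbouring columns.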


3. Run the carve-s500 Script

Follow these steps to run the carve-s500 script, which detects all attached devices and creates the system, indexing, and capture drives.

3.1.1. Optional—Consult Appendix B: carve-s500 Help on page 25 to see the options for the command.

3.1.2. Delete the existing non-system disk volumes, and then reboot.

[root@hostname ~]# carve-s500 --delete-all [-v]
[root@hostname ~]# reboot

3.1.3. Run carve-s500. Verbose mode is recommended.

[root@hostname ~]# carve-s500 -v

When successful, the script automatically reboots the head unit.

3.1.4. After the head unit has finished rebooting, display the new file-system allocation:

[root@hostname ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda4       4.9G  2.9G  1.8G  62% /
devtmpfs         64G     0   64G   0% /dev
tmpfs            64G   11M   64G   1% /dev/shm
tmpfs            64G   18M   64G   1% /run
tmpfs            64G     0   64G   0% /sys/fs/cgroup
/dev/sda2       1.5G   64M  1.4G   5% /boot
/dev/sda7       3.6T  197M  3.4T   1% /home
/dev/sda3        68G  2.2G   62G   4% /var
/dev/sda5       4.9G  138M  4.5G   3% /ds
/dev/sda6       2.0G  506M  1.4G  28% /gui
/dev/disk/by-id/wwn-0x600605b00b69eaf021395ca1515749ef-part1
                 81T   81T     0 100% /pfs
/dev/sdb1        15T   20M   14T   1% /var/lib/solera/meta
gaugefs          81T   81T     0 100% /etc/solera/flows
tmpfs            13G     0   13G   0% /run/user/0
tmpfs            13G     0   13G   0% /run/user/48

3.1.5. The entry for /pfs should display the total amount of space across all capture drives. This example shows two storage modules with 40TB each for a total of ~80TB.


3.1.6. Display the disk groups again.

[root@hostname ~]# lsi-show

Controller Information
Id  Serial No   Firmware       Encl  LD  PD  Product Name
a0  SV40917315  3.410.35-3698  1     2   12  LSI MegaRAID SAS 9271-8i

Enclosure Information
Id  Drives
47  120 107 101 100 102 109 115 103 99 104 111 119

Logical Drive Information
Id  Size       Status   Stripe  Raid Level  Cache
0   3.637 TB   Optimal  64 KB   Primary-5   WriteBack, ReadAhead, Direct, Write Cache OK if Bad BBU
    by id: 120,107,101
    by es: 47:8,47:9,47:10
1   14.550 TB  Optimal  256 KB  Primary-5   WriteBack, ReadAdaptive, Direct, Write Cache OK if Bad BBU
    by id: 100,102,109,115,103,99,104,111,119
    by es: 47:11,47:12,47:13,47:14,47:15,47:16,47:17,47:18,47:19

3.1.7. The head unit should have only two disk volumes now: system and indexing.

Controller Information
Id  Serial No   Firmware       Encl  LD  PD  Product Name
a1  SV55263940  4.230.20-3532  1     1   12  LSI MegaRAID SAS 9380-8e

Enclosure Information
Id  Drives
8   10 11 13 15 20 9 14 16 17 12 19 18

Logical Drive Information
Id  Size       Status   Stripe  Raid Level  Cache
0   40.019 TB  Optimal  256 KB  Primary-5   WriteBack, ReadAdaptive, Direct, Write Cache OK if Bad BBU
    by id: 10,11,13,15,20,9,14,16,17,12,19,18
    by es: 8:1,8:2,8:3,8:4,8:5,8:6,8:7,8:8,8:9,8:10,8:11,8:12

Physical Drive Information
Id  E:S   Status           FC    Size      Inquiry
10  8:1   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8E4VS
11  8:2   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8ELBS
13  8:3   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EMKS
15  8:4   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EMYS
20  8:5   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8DVVS
9   8:6   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8BKBS
14  8:7   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8ELAS
16  8:8   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EP5S
17  8:9   Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8E37S
12  8:10  Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8RBTS
19  8:11  Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8EN5S
18  8:12  Online, Spun Up  None  3.638 TB  HGST HUS726040AL5215 D7J0N8G8E8MS

3.1.8. Every storage module should have one logical drive, and all of the disks should be Online, Spun Up.


4. Next Steps

With your Security Analytics appliance set up with its storage modules, use the web interface to start capturing network traffic. For instructions, select Settings > Help > [language] and then select Data Capture in the left pane of the Help Files.

For assistance with your appliance, contact:

• Symantec Support: support.symantec.com/en_US/contact-support.html

• Security Analytics Documentation: support.symantec.com/content/unifiedweb/en_US/Documentation.1145515.html


Appendix A: RAID Array Configurations

These tables display the default disk allocations that are created by the carve-s500 script.

Adding storage modules is a destructive process, because all of the capture and indexing drive arrays must be reconfigured. Do not begin to add new storage to an existing system until after you have backed up all capture, indexing, and system data. (Consult the Reference section of the Help Files for instructions on backing up system data using dsmigratedata, scm migrator, or solera-backup.sh.)

SA-S500-20-FA Setups

The following setups are valid for an SA-S500-20-FA with J5300s or MD1400s with 4TB drives.

SA-S500-20-FA Standalone

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 3 @ 2TB | 3.6
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 3 @ 2TB | 3.6
0 | 2 | 5 | Capture | Head Unit | SA-S500 | 0 | 6 @ 2TB | 9

Total Index 3.6
Total Capture 9
Index-to-Capture Ratio 0.40

SA-S500-20-FA plus 1 J5300 or 1 MD1400

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 3 @ 2TB | 3.6
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 9 @ 2TB | 14.5
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40

Total Index 14.5
Total Capture 40
Index-to-Capture Ratio 0.36

SA-S500-20-FA plus 2 J5300s or 1 MD1400s

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 3 @ 2TB | 3.6
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 9 @ 2TB | 14.5
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 2 | 12 @ 4TB | 40

Total Index 14.5
Total Capture 80
Index-to-Capture Ratio 0.18

SA-S500-40-FA Setups

The following setups are valid for an SA-S500-40-FA with J5300s or MD1400s with 4TB drives.

SA-S500-40-FA Standalone

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 2 | 5 | Capture | Head Unit | SA-S500 | 0 | 14 @ 2TB | 25.2

Total Index 7.2
Total Capture 25.2
Index-to-Capture Ratio 0.29


SA-S500-40-FA plus 1 J5300 or 1 MD1400

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 19 @ 2TB | 32.4
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40

Total Index 32.4
Total Capture 40
Index-to-Capture Ratio 0.81


SA-S500-40-FA plus 2 J5300s or MD1400s

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 19 @ 2TB | 32.4
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 2 | 12 @ 4TB | 40

Total Index 32.4
Total Capture 80
Index-to-Capture Ratio 0.40

SA-S500-40-FA plus 3 J5300s or MD1400s

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 19 @ 2TB | 32.4
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 3 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 2 | 12 @ 4TB | 40

Total Index 32.4
Total Capture 120
Index-to-Capture Ratio 0.27


SA-S500-40-FA plus 4 J5300s or MD1400s

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 19 @ 2TB | 32.4
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 3 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 2 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 4 | 12 @ 4TB | 40

Total Index 32.4
Total Capture 160
Index-to-Capture Ratio 0.20


SA-S500-40-FA plus 5 J5300s or MD1400s

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 19 @ 2TB | 32.4
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 3 | 12 @ 4TB | 40
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 5 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 2 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 4 | 12 @ 4TB | 40

Total Index 32.4
Total Capture 200
Index-to-Capture Ratio 0.16


SA-S500-40-FA plus 6 J5300s or MD1400s

RAID Cont. | Disk Gp. | RAID | Purpose | Device | Model | Position | Disks @ Size | Useable Space
0 | 0 | 5 | System | Head Unit | SA-S500 | 0 | 5 @ 2TB | 7.2
0 | 1 | 5 | Index | Head Unit | SA-S500 | 0 | 19 @ 2TB | 32.4
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 1 | 12 @ 4TB | 40
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 3 | 12 @ 4TB | 40
1 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 5 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 2 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 4 | 12 @ 4TB | 40
2 | 0 | 5 | Capture | Storage Module | J5300, MD1400 | 6 | 12 @ 4TB | 40

Total Index 32.4
Total Capture 240
Index-to-Capture Ratio 0.13


Appendix B: carve-s500 Help

USAGE: carve-s500 [-t <type>] [-IEdkiNFvnSDH] [--]

-t --type <filesystem type> [default: ext4]

-I --delete-internal Quit after deleting existing non-system internal RAID arrays

-E --delete-external Quit after deleting existing external RAID arrays

-d --delete-all Quit after deleting existing all non-system RAID arrays

-k --noreboot Do not reboot when finished

-i --ignore Ignore return values when prepping system

-N --non-redundant Use a non-redundant storage configuration

-f --force Force actions instead of prompting for confirmation

-F --fg-init Construct RAIDs and trigger FGInit to finish

-v --verbose Show actions

-n --noExec Show actions but do not execute

-S --stderr Redirect standard errors

-D --debug Enable debugging

-C --capture-only Carve assuming capture only. No index partition created.

-H --help Display this help