
Technical Overview of HPE 3PAR File Persona Software Truly converged file and object access for HPE 3PAR StoreServ Storage

Technical white paper


Contents

• Executive summary
• Intended audience
• Overview
• Licensing
• Architecture
• File Persona concepts and terminology
• Resiliency and high availability
• Networking
• Name services and authentication
• Active Directory
• Lightweight Directory Access Protocol
• Local authentication
• Authentication stack order
• Authorization and permissions
• Native ACLs
• Converged ACLs
• Cross-protocol locking
• Access-based enumeration
• Protocol support
• SMB protocol
• Large MTU size
• NFS protocol
• FTP and FTPS protocol
• Development and integration
• Object Access API
• Integration with a Microsoft environment
• Antivirus scanning
• Quota management
• HPE 3PAR File Access Auditing framework
• File Lock for data immutability and retention
• Data protection
• User-driven local recovery
• Administrator-driven recovery
• Replication and disaster recovery
• Traditional backup
• RMC Express Protect flat backup
• System configuration backup
• Enhanced support functionality
• Support for HPE 3PAR data services
• Conclusion


Executive summary

Today’s data centers are expected to deploy, manage, and report on different tiers of business applications, databases, virtual workloads, home directories, and file sharing simultaneously. They also need to colocate multiple systems while sharing power and energy. This is true for large and small environments. The trend in modern IT is to consolidate as much as possible to minimize cost and maximize efficiency of data centers and branch offices. HPE 3PAR StoreServ is highly efficient, flash-optimized storage engineered for the true convergence of block, file, and object access to help consolidate diverse workloads efficiently. HPE 3PAR OS and converged controllers incorporate multiprotocol support into the heart of the system architecture.

Intended audience

This white paper provides an overview of HPE 3PAR File Persona Software and technical details about the features and core file data services included in the software. It is intended to assist system administrators, solution architects, presales engineers, and professional services consultants who design, deploy, and administer HPE 3PAR StoreServ storage systems in a home directory or a corporate and group share environment.

Overview

File Persona is a feature of HPE 3PAR OS that enables a rich set of file protocols and core file data services on an HPE 3PAR StoreServ system. File Persona inherits the industry-leading architecture and Block Persona benefits of HPE 3PAR StoreServ. It extends the spectrum of primary storage workloads natively addressed by HPE 3PAR StoreServ to the following workloads through File Persona, all with truly converged controllers, agile capacity, and unified management:

• Home directory consolidation (for physical desktops and VMware® Horizon virtual desktops)

• Group and department shares

• Corporate shares

• Content management and collaboration

• Data preservation and governance

– Structured data optimization with Micro Focus Structured Data Manager

– Unstructured data governance with Micro Focus Storage Optimizer and Micro Focus ControlPoint

• Retention of business records with Micro Focus Content Manager

• Video surveillance from several vendors (for details, refer to the HPE Single Point of Connectivity Knowledge [SPOCK] compatibility matrix)

• Real-time business analytics for scale-out SAP HANA® shared infrastructure

• Integration for designated cloud applications using the Object Access application programming interface (API)

File Persona tightly integrates into the data center by supporting industry-standard NAS protocols, a file services ecosystem, and authentication and authorization methods. File Persona also supports antivirus servers and various client operating systems through a single streamlined management interface.

Feature highlights

Highlights of File Persona include:

• Rich file protocols support a broad range of client operating systems. This support enables user, group, and corporate shares along with home directory consolidation for physical desktops with Horizon virtual desktops. Protocols supported include:

– Server Message Block (SMB) 3.1.1, 3.0, 2.1, 2.0, and 1.0 (SMB 3.1.1 secures negotiation by using SMB 2.x and later)

– NFS 4.0 and 3.0

– File Transfer Protocol (FTP) and File Transfer Protocol over Secure Sockets Layer (FTPS)


• File Lock provides multiple modes for policy-based and ad hoc file level retention, and immutability offers data preservation and compliance.

• Object Access API enables programmatic data access using a representational state transfer (REST) API for cloud applications from virtually any device anywhere.

• For clients using SMB 3.0 or later and clients using NFS, transparent failover enables nondisruptive HPE 3PAR OS upgrades as well as nondisruptive failovers in the event of a controller failure.

• HPE 3PAR Adaptive Flash Cache is leveraged to achieve performance acceleration for read-intensive workloads.

• Data is compacted with a combination of thin built-in zero detect, HPE 3PAR Thin Provisioning, and HPE 3PAR deduplication technologies in addition to data optimization from the separately licensed HPE 3PAR Adaptive Optimization and HPE 3PAR Dynamic Optimization.

• Comprehensive data protection includes point-in-time file store snapshots for user-driven file recovery, support for third-party antivirus software, network share and Network Data Management Protocol (NDMP)-based backup and restore operations, and disaster recovery replication from the separately licensed HPE 3PAR Remote Copy.

• Federal Information Processing Standard (FIPS) 140-2 validated data-at-rest encryption is available as an optional security measure to prevent unauthorized data access.

• Seamless integration with a broad range of IT infrastructure services including Active Directory, folder redirection, offline files, roaming user profiles, distributed file system (DFS) namespace, and Microsoft® Management Console (MMC). It also includes Lightweight Directory Access Protocol (LDAP) and local user authentication for Linux®-based IT infrastructure.

• The HPE 3PAR StoreServ Management Console (SSMC) GUI provides a single management interface for file and block storage with a performance dashboard and custom reporting capability. Unified programmatic management access for file and block storage is available through the HPE 3PAR Web Services API or the HPE 3PAR OS CLI.

Licensing

File Persona is supported on HPE 3PAR StoreServ 7000c, 8000, 9000, and 20000 series storage systems. Beginning with HPE 3PAR OS 3.3.1, a File Persona license is part of the base HPE 3PAR OS single-system software license for all supported HPE 3PAR StoreServ platforms except the HPE 3PAR StoreServ 7000c. Refer to the appropriate HPE 3PAR StoreServ Storage QuickSpecs for specific details regarding different platforms.

Architecture

HPE 3PAR StoreServ Storage provides the redundant datapath and raw block storage on which the File Persona high availability file services are functionally built. File Persona comes with its own unique set of features and functionalities that require the use of additional managed objects to both differentiate from similar block features and maintain consistency where appropriate.

File Persona concepts and terminology

File Persona comprises the following managed objects:

• File provisioning groups (FPGs)

• Virtual file servers (VFSs)

• File stores

• File shares

File Persona benefits from the HPE 3PAR storage foundation including wide-striped logical disks and autonomic common provisioning groups (CPGs). A CPG can be shared between file and block storage to create the file shares or the logical unit numbers (LUNs) to provide true convergence. Figure 1 represents the four managed objects for File Persona within HPE 3PAR OS.


Figure 1. File Persona logical view

Relevant File Persona terms include:

• A file provisioning group is an instance of the HPE Adaptive File System. It controls how data from the file system is stored and retrieved. Each FPG is transparently constructed from one or multiple virtual volumes (VVs) and is the unit for replication and disaster recovery for File Persona. Up to 16 FPGs are supported on a node pair.

• A virtual file server acts as a virtual server that presents virtual IP addresses to clients, participates in user authentication services, and can have properties for things such as user or group quota management, File Lock policies, and antivirus policies. Many management tasks and policy decisions can be made at the VFS level. Up to 16 VFSs are supported on a node pair, one per FPG.

• File stores are the slice of a VFS and FPG at which snapshots are taken, capacity quota management can be performed, and File Lock policies and antivirus scan service policies are customized. File stores also enforce access control lists (ACLs) and inheritance in NTFS or legacy security mode. Up to 256 file stores are supported on a node pair, and 16 file stores are supported per VFS.

• File shares are what provide file level access to clients via SMB, NFS, FTP, and Object Access API protocols, subject to the share permissions applied to them. Multiple file shares can be created in a file store and at different directory levels within a file store.

File shares and VFSs are managed as normal operations using the SSMC. File stores and FPGs are typically managed explicitly for advanced operations only.

Resiliency and high availability

File Persona uses a mission-critical, proven, 64-bit journaling file system that has been optimized for high metadata-driven workloads such as home directory consolidation and corporate and group shares.

File Persona benefits from the inherited HPE 3PAR StoreServ resiliency. In the event of a node failover, the necessary File Persona objects will fail over to the other node in the node pair. Depending on the protocol, the failovers are transparent to the users. Figure 2 illustrates how control fails over to another server without interruption if needed.


Figure 2. File Persona high availability configuration

Networking

File Persona requires one of the following components to be installed in an available PCI slot on each node pair:

• Four-port 1GbE NIC

• Two-port 10GbE NIC

• Four-port combo card with:

– 2 x 16Gb Fibre Channel + 2 x 10GbE ports

– 2 x 10GbE iSCSI + 2 x 10GbE ports, available on HPE 3PAR StoreServ 8000 series only

These network ports should match across a node pair because File Persona is enabled and configured on a per node pair basis. More details on enabling File Persona and configuring basic networking are described in the HPE 3PAR File Persona User Guide.

Departmental or functional network isolation can be implemented by configuring multiple virtual LANs (VLANs). Each VLAN uses its own static route as the VLAN-specific default gateway. This configuration acts as a “virtual router” that directs incoming connections and IP packets to the appropriate VFS VLAN and sends responses back to the client over the relevant route, thus allowing each VFS to have its own default route gateway. A total of 500 VLAN route definitions can be configured per system. Each subnet and VLAN ID combination must be unique. There is no performance impact from having static routes configured for VLAN IPs.


Figure 3. Static VLAN routing

Name services and authentication

Name services refers to the user account name and group name resolution and lookups from user and group databases such as Active Directory, LDAP, or a local user database. Name resolution refers to user, group, or hostname lookup in the respective name services databases. Authentication and authorization are essential components of home directories consolidation and corporate or group shares in the data center. Users trying to access their home directories over the network need to be identified with their associated credentials. The process of identifying an individual based on a user name and password is called authentication.

File Persona supports three types of name services for authentication—Active Directory, LDAP, and local database for local users and groups. It supports Kerberos, NTLMv2, and NTLM for Active Directory authentication.

File Persona uses the local user authentication method by default, but Active Directory and LDAP services can be added to the authentication stack for the user and group name lookup. Selecting the correct order optimizes the performance of account name lookups. The stacked authentication lookup order is persistent during the failover.

Note: Authentication should generally be configured before starting to write data to the system, to avoid any implications of changes to the authentication scheme.

Active Directory

Active Directory is a directory service primarily used in Microsoft Windows® environments, where Kerberos, NTLMv2, and NTLM are the primary types of authentication. File Persona supports the user credential authentication using Kerberos, NTLMv2, or NTLM authentication in Active Directory based on the authentication stack order defined within File Persona. The Active Directory performs name lookups and authentications for user accounts and groups. File Persona no longer stores any Active Directory credentials locally with the release of HPE 3PAR OS 3.3.1 MU2 Patch 26. This improves security while reducing liability.


The computer name created in the Active Directory domain is in the format of the HPE 3PAR StoreServ system name plus the node number (for example, deptserver#.sales.hpe.com).[1] Use the showfs -ad command at the HPE 3PAR OS CLI to verify that the node has joined the Active Directory domain properly.

Note: Networking node IP addresses, gateway, and Domain Name System (DNS) should be configured on the File Persona node before attempting to associate to LDAP or Active Directory. NTP should be configured for the HPE 3PAR StoreServ system such that the array and the domain controller are synchronized before attempting an Active Directory-join, or the join might fail.

Lightweight Directory Access Protocol

LDAP is most commonly used in Linux and UNIX® environments where customers have users that connect to SMB or NFS shares on an HPE 3PAR StoreServ system running File Persona. The LDAP provider uses ldapsearch requests to look up users and groups by name or security identifier (SID). File Persona can be configured to use up to five clone master LDAP servers for highly available, redundant lookups. Note that this ability requires setting up the LDAP Multi-Master replication environment. SIDs are formulated based on a SID prefix, user ID (UID), and group ID (GID) when the POSIX schema template is configured. SIDs also provide NTLM or NTLMv2 authentication by matching a user-supplied password with a Windows encrypted password stored in LDAP. The LDAP schema attribute that File Persona uses depends on the schema template used. The File Persona SMB server can be configured to use either a Samba or a POSIX schema, but it can use only one schema at a time. Use the showfs -ldap command at the CLI to check the status of LDAP authentication.

The LDAP connection for File Persona uses three categories:

• Simple connection: Authentication is performed through plain text.

• Secure Sockets Layer (SSL): Authentication is performed through NTLM and uses the LDAP server’s fully qualified domain name (FQDN) to connect. The communication is established on port 636 by default.

• Transport Layer Security (TLS): Authentication is performed through NTLM and uses the LDAP server’s FQDN to connect. The communication is established on port 389 by default.

Local authentication

Local authentication is often used in smaller Windows or Linux and UNIX environments. Each node has a copy of the local user database. All changes to the local accounts database are replicated to all File Persona nodes in a system. Local users are authenticated using NTLMv2 by default. The password is stored in encrypted form in the local user database. UIDs and GIDs are assigned automatically if not specified during their creation. The storage administrator should make sure that IDs are unique across the name services.

Authentication stack order

The authentication stack order can be configured from the SSMC after enabling advanced options in the Configure File Persona menu. Local Users & Groups must be included in the Provider Order, and LDAP and Active Directory are optional. Active Directory and Local Users & Groups are the default stacking order (see Figure 4), and as a best practice, there should not be a value in the stacking order that is not configured. To show the configured stacking order on the CLI, use showfs -auth. Note that the stacking order is configured separately from the authentication methods, and if a method is not in the stack, users cannot authenticate using that method. File Persona uses this stack order to look up each authentication service to find an entry match, stopping on the first match found.
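The first-match lookup and the ID-uniqueness requirement described above can be checked offline with a small model. This is an added example, not HPE code: the provider names, accounts, and UIDs are constructed, and `resolve` and `audit_stack` are hypothetical helpers that only mirror the rules stated in this section.

```python
from collections import defaultdict

# Constructed name-service contents (account name -> UID); not real data.
PROVIDERS = {
    "ActiveDirectory": {"alice": 20001, "svc_backup": 20050},
    "LDAP": {"bob": 5001, "carol": 20001},
    "Local": {"svc_backup": 1500, "dave": 5001},
}


def resolve(name, stack, providers=PROVIDERS):
    """Walk the stack in order and stop on the first provider with an entry."""
    for provider in stack:
        uid = providers.get(provider, {}).get(name)
        if uid is not None:
            return provider, uid
    return None  # not found in any stacked provider: the lookup fails


def audit_stack(stack, providers=PROVIDERS):
    """Report stack-order problems named in the text (hypothetical helper)."""
    findings = []
    # Local Users & Groups must be part of the provider order.
    if "Local" not in stack:
        findings.append(("local-missing", "Local"))
    # Best practice: no value in the stack that is not configured.
    for provider in stack:
        if provider not in providers:
            findings.append(("stacked-but-unconfigured", provider))
    # A configured method that is not stacked cannot authenticate anyone.
    for provider in providers:
        if provider not in stack:
            findings.append(("configured-but-unstacked", provider))
    first_owner = {}
    uid_users = defaultdict(list)
    for provider in stack:
        for name, uid in sorted(providers.get(provider, {}).items()):
            if name in first_owner:
                # A later entry with the same name is never reached.
                findings.append(
                    ("shadowed-name", name, first_owner[name], provider))
            else:
                first_owner[name] = provider
            uid_users[uid].append(f"{provider}/{name}")
    # Different accounts sharing one UID are indistinguishable to UID-based ACLs.
    for uid in sorted(uid_users):
        names = {entry.split("/", 1)[1] for entry in uid_users[uid]}
        if len(names) > 1:
            findings.append(("uid-collision", uid, tuple(uid_users[uid])))
    return findings


if __name__ == "__main__":
    default_stack = ["ActiveDirectory", "Local"]
    print(resolve("svc_backup", default_stack))
    for finding in audit_stack(["ActiveDirectory", "LDAP", "Local"]):
        print(finding)
```

Reversing the stack changes which `svc_backup` entry wins, which is why a stack-order change after data has been written deserves the same review as an ACL change.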

[1] In Windows 2000 and later operating systems, DNS domain names support up to 24 characters in the hostname. Be sure to follow Microsoft guidelines for the hostname character length.


Figure 4. Configuring the authentication stack order

Note: The authentication and authorization method used for File Persona is separate from the security method used for HPE 3PAR StoreServ array management (SSMC and CLI).

Authorization and permissions

Authorization is the process used to verify what effective permissions a user (or group) has on files or folders. Authorization is performed by comparing user account or member names of a group with the permissions on file storage resources such as files or directories. Only authorized users (or groups) are allowed to access any file or folder; the rest are denied access. For shared folder access, the user must first pass the share permissions check, which determines whether the user is authorized to access that share. An ACL is a list of access control entries (ACEs). Each ACE in an ACL identifies a trustee and specifies the access rights allowed, denied, or audited for that trustee. SMB users are granted access based on the advanced access rights allowed through the NTFS ACL permissions set on files and directories. NFS users are granted access based on the POSIX or NFSv4 ACLs set on files or directories. UIDs and GIDs are evaluated to determine access to files and directories.

HPE 3PAR OS 3.3.1 MU2 provides the ability to create UIDs and GIDs using any numbers above 100, with the first 100 being reserved by HPE 3PAR OS (earlier releases reserve ID numbers between 100–1000). The most restrictive user rights are enforced when granting access to files and folders.
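The two-stage check described above (share permissions first, then the ACL on the file) can be modeled with the ordered ACE evaluation that NTFS and NFSv4 ACLs use. This is an added example, not File Persona code: the rights, trustees, and ACLs are constructed, and trustees are plain names where a real system would use SIDs or UIDs/GIDs.

```python
from dataclasses import dataclass
from enum import IntFlag


class Right(IntFlag):
    READ = 1
    WRITE = 2
    DELETE = 4


@dataclass(frozen=True)
class Ace:
    kind: str      # "allow", "deny", or "audit"
    trustee: str   # constructed user or group name
    rights: Right


def evaluate_acl(acl, principals, requested):
    """Ordered evaluation: the first matching ACE that mentions a right decides it."""
    remaining = int(requested)
    for ace in acl:
        # Audit ACEs only generate audit records; they never grant or deny.
        if ace.kind == "audit" or ace.trustee not in principals:
            continue
        if ace.kind == "deny":
            if int(ace.rights) & remaining:
                return False
        elif ace.kind == "allow":
            remaining &= ~int(ace.rights)
            if not remaining:
                return True
    return False  # a right that no ACE allowed is denied


def check_access(share_acl, file_acl, principals, requested):
    """Share permissions gate the request before the file ACL is consulted."""
    if not evaluate_acl(share_acl, principals, requested):
        return False, "share permissions"
    if not evaluate_acl(file_acl, principals, requested):
        return False, "file ACL"
    return True, "granted"


# Constructed sample data.
SHARE_ACL = [
    Ace("allow", "finance", Right.READ | Right.WRITE),
    Ace("allow", "everyone", Right.READ),
]
FILE_ACL = [
    Ace("audit", "everyone", Right.WRITE),
    Ace("deny", "alice", Right.WRITE),
    Ace("allow", "finance", Right.READ | Right.WRITE | Right.DELETE),
]
# Same ACEs with the deny placed after the allow: the deny is never reached.
MISORDERED_FILE_ACL = [FILE_ACL[2], FILE_ACL[1]]

ALICE = {"alice", "finance", "everyone"}
BOB = {"bob", "finance", "everyone"}
CAROL = {"carol", "everyone"}

if __name__ == "__main__":
    for who, principals in (("alice", ALICE), ("bob", BOB), ("carol", CAROL)):
        for right in Right:
            print(who, right.name, check_access(SHARE_ACL, FILE_ACL, principals, right))
```

Bob's DELETE request fails at the share even though the file ACL would allow it, which is the "most restrictive rights" behavior in practice; the misordered ACL shows why deny entries are placed ahead of allow entries.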

Native ACLs

Different authentication protocols handle permissions and user identities using different methods, and in a multiprotocol environment these different methods need to be mapped and combined. For example, ACLs under the Windows NTFS-based SMB protocol are based on SIDs, whereas ACLs under the Linux-based NFS protocol are based on UIDs and GIDs. Before HPE 3PAR OS 3.3.1 MU1, the Adaptive File System in File Persona converted these various ACL formats into a single converged ACL format to store those ACLs on the storage media. Starting with HPE 3PAR OS 3.3.1 MU1 Patch 08, the Adaptive File System can store ACLs on the storage media in their native format along with native user IDs for their respective protocols. For example, for any SMB client access, the NTFS ACLs are stored on the storage media with Windows SIDs. For any NFSv4 client access, the NFSv4 ACLs are stored with UIDs and GIDs. Similarly, for NFSv3, FTP, and REST API, POSIX ACLs with UIDs or GIDs are stored on the storage media independent of the security modes of the file stores.


With native ACL format, the dependency on the external name services is minimized for frequent name resolution, which increases the robustness of the file services especially for primary protocols. This increases the overall metadata performance for home directories, user shares, and collaboration workload types. It also helps to streamline the data migration operations involving frequent name lookups from name services.

Figure 5. Adaptive File System in File Persona

Converged ACLs

Before HPE 3PAR OS 3.3.1 MU1, the Adaptive File System in File Persona converted these differing ACL formats into a converged ACL format and stored the new ACLs on the local storage. The converged ACL stores the permissions in NFSv4.1 ACL style with user identities in a User Principal Name (UPN) format for all files and directories; it converts the ACLs to each protocol-specific ACL for SMB, NFS, HTTP, or FTP clients on-access, as described in Table 1. The Adaptive File System also performs the user name resolution from the protocol-specific user name format to UPN format to store on the disk.

Table 1. Converged ACLs.

| Converged ACL stack | SMB | NFSv3 | NFSv4 | Object Access API over HTTP |
| --- | --- | --- | --- | --- |
| ACL enforcer | SMB server | FPG (file system) | FPG (file system) | FPG (file system) |
| ACLs enforced by File Persona | NTFS ACLs | POSIX ACLs | POSIX ACLs | POSIX ACLs |
| On-disk ACLs stored | NFSv4.1 ACLs | NFSv4.1 ACLs | NFSv4.1 ACLs | NFSv4.1 ACLs |
| Name resolution | Domain\username → user@domainname | UID/GID → user@domainname | user@domainname → user@domainname | Domain\username → user@domainname |

Cross-protocol locking

Many NAS customers want multiprotocol access for common data. Simultaneous read/write access with cross-protocol file locking ensures data integrity. In versions of HPE 3PAR OS earlier than 3.3.1, multiprotocol access in File Persona was limited to one protocol with read/write access and secondary protocols with read-only access. HPE 3PAR OS 3.3.1 enables support for cross-protocol locking, which allows customers to access data from more than one protocol with simultaneous read/write access. Using cross-protocol locking ensures that NFS clients can access the files opened by SMB clients through share mode locks.[2] With File Persona, you can choose two different security modes for file stores at the time of the share creation:

• NTFS: This near-native experience allows for simultaneous read/write access for both Windows and POSIX clients that use cross-protocol file locking.

• Legacy: One protocol has read/write access whereas other protocols have read-only access, which offers backward-compatibility with File Persona running on HPE 3PAR OS 3.3.1 or earlier.

[2] In this case, cross-protocol locking requires that SMB opportunistic locks and leases are disabled.


Note

In versions of HPE 3PAR OS earlier than 3.3.1, File Persona supports file locking within a protocol but not across protocols, so accessing the same file simultaneously from different file protocols is not possible. This restriction does not preclude access of the directory or files by any file protocol at different times. For example, all locks held by SMB clients are honored by other SMB clients.

Access-based enumeration

In addition to protecting sensitive information at the workplace, access-based enumeration (ABE) enables administrators to simplify the display of large directory structures for the benefit of users who do not need access to the full range of content. Users see only the files and folders that they are responsible for, rather than looking through a busy folder structure holding hundreds of user folders. Administrators can be more productive because they do not need to help less-skilled users navigate through dense shared folders. Enable ABE in File Persona by specifying the -abe true option when creating an SMB file share: createfshare smb -abe true <vfs> <sharename>. You can also use the SSMC to enable this option when creating or modifying the file share (see Figure 6 [enable the advanced options]).

Figure 6. Enable access-based enumeration on file share

Note

Access-based enumeration is valid only for SMB shares.

Protocol support

Enterprise file sharing relies on a standard set of protocols in order to effectively access and move files. File Persona is constantly evolving its protocol stack to more effectively, securely, and reliably support file sharing in enterprise environments.

SMB protocol

The SMB protocol is the most widely used protocol for home directory access. It brings a robust feature set for enterprise file sharing. File sharing protocols provide central data management that uses a client and server method, which reduces administrative overhead and provides more granular access control to the files.

SMB is the default protocol used by Windows clients. Mac, Linux, and Samba software packages are also available that use the SMB protocol to connect to an SMB file server. SMB brings a variety of security, performance, resiliency, and efficiency features that help customers offer home directories along with group, department, and corporate shares to their clients.


By default, the HPE 3PAR OS 3.3.1 MU2 Patch 26 release disables SMB 1.0 for new File Persona installations. (This is a global setting.) When upgrading existing File Persona installations to HPE 3PAR OS 3.3.1 MU2 Patch 26, the global SMB 1.0 configuration is not changed. However, after confirming all clients are on SMB 2.0 or later, disabling SMB 1.0 is strongly recommended for security reasons.

You can create an SMB file share by using createfshare smb [options <arg>] <vfs> <sharename>.

Figure 7. Creating SMB file share

File Persona supports SMB 3.1.1, 3.0, 2.1, 2.0, and 1.0. This includes integrity checks using Secure Hash Algorithm (SHA)-512, the advanced SMB 3.0 protocol transparent failover feature, SMB signing, and SMB opportunistic locks and leases (file and directory) for all SMB versions. In addition to these SMB protocol features, File Persona also supports Offloaded Data Transfer features of Windows 2012.


Table 2. Protocol support by operating system

Operating system SMB 3.1.1 SMB 3.0 SMB 2.1 SMB 2.0 SMB 1.0

Windows 10, Windows Server® 2016

Windows 8 and 8.1, Windows Server 2012 R2

Windows 7, Windows Server 2008 R2

Windows Server 2008

Mac OS X 10.7, 10.8, 10.9

Mac OS X 10.10, 10.11, 10.12, 10.13

SMB Transparent Failover

SMB Transparent Failover is one of the key features introduced in SMB 3.0 with Windows Server 2012 and Windows 8. This feature enables administrators to configure Windows file shares to be continuously available. Using continuously available file shares, administrators can perform hardware or software maintenance on any cluster node without interrupting the client connections that store their data files on these file shares. Also, in case of a hardware or software failure, the clients transparently reconnect to another cluster node without disrupting the user connections. To benefit from SMB Transparent Failover, both the SMB client computer and the SMB server computer must support SMB 3.0 or later. Computers running earlier SMB versions (1.0, 2.0, or 2.1) can connect and access data on a file share that has the continuously available property set, but cannot leverage the benefits of the SMB Transparent Failover feature.

SMB signing

SMB signing is a feature through which communications using SMB can be digitally signed at the packet level. Digitally signing the packets enables the recipient of the packets to confirm their point of origination and authenticity. This SMB security mechanism helps avoid issues such as tampering of packets.

SMB signing can be set to either enabled or required for both client-side and server-side communications. The settings can be specified by using the command:

setfs smb [-f] [-enableoplocks {true|false}] [-signingenabled {true|false}] [-signingrequired {true|false}]

Note

With SMB 1.0, if both client-side and server-side communications settings are false, then no signing is used at all.

If you enable Allow SMB signing in SSMC, the File Persona SMB server uses SMB signing when requested by the SMB client. Allow SMB signing is the default setting. If you enable SMB signing required, the File Persona SMB server communicates with SMB clients only if they have valid signatures. The default is disabled. You can manage this setting from the SSMC software by selecting an HPE 3PAR StoreServ array and then selecting Edit protocol settings from the Action menu. Clicking the SMB Settings drop-down menu shows all available options, as presented in Figure 8.


Figure 8. Setting the SMB signing option

SMB oplocks and leases

Opportunistic locks (oplocks) are a client caching mechanism that allows SMB and SMB 2.0 clients to decide the client-side buffering strategy dynamically, so the network traffic can be minimized to improve performance. In SMB 2.1, the client oplock lease model allows oplocks to be held by a client for enhanced file and handle caching opportunities. This feature enhances performance by reducing network bandwidth consumption, increasing file server scalability, and improving response time when accessing the files over a network. The only disadvantage of file-level oplocks or leases is that if the files or folders on the file server are changed, clients with the cached listing of that directory would not be aware of the changes when the directory listing is refreshed locally. In SMB 3.0, the directory-leasing feature improves this behavior by allowing the SMB client to cache the directory and file metadata together in a consistent manner for a longer duration. Clients are notified when directory information on the server changes and the data resynchronizes and updates the cache. This feature is designed to work with a user’s home folders (read/write with no sharing) and published shares (read-only with sharing). This results in improved network performance and faster response time.

SMB crediting

SMB 2.0 and later use a credit-based flow control, which allows the server to control a client’s behavior. The server starts with a few credits and automatically scales up as needed. With this type of control, the protocol can keep more data in flight and better use the available bandwidth. Credit-based flow control makes it easy for clients to send multiple requests to a server. This process allows the client to build a pipeline of requests instead of waiting for a response before sending the next request. This is especially relevant when using a high-latency network.


Large MTU size

The maximum transmission unit (MTU) of a communications protocol layer is the size (in bytes) of the largest protocol data unit that the layer can pass on. File Persona support for large MTU sizes was introduced in SMB 2.1 to achieve better performance for 10GbE (high-speed, low-latency) networks. In SMB 2.1, the MTU size increased from 64 KB to 1 MB. The large MTU option must be enabled in the registry on SMB client computers. It is enabled by default on Windows 2012 and 2012 R2. File Persona adapts to what the SMB client computer is using for its MTU size.

NFS protocol

The NFS protocol is a versatile protocol for all Linux and UNIX clients. It provides high concurrency for the clients with central management of data using a client and server method. NFS reduces administrative overhead and provides granular access control.

Linux and UNIX clients use the NFS protocol by default because, by using remote procedure calls (RPCs), it works across inherent differences in machine architecture, operating system, network architecture, and transport protocol.

File Persona supports NFSv4 and NFSv3, along with a variety of Linux and UNIX client operating systems. Refer to the HPE SPOCK website for the latest interoperability matrix.

You can create an NFS file share by using createfshare nfs [options <arg>] <vfs> <sharename> to instruct the file share to use the NFS protocol.

Figure 9. Creating an NFS file share


FTP and FTPS protocol

File Transfer Protocol is a client/server file sharing protocol that leverages clear-text authentication with user names and passwords or anonymous credentials. It is compatible with most operating systems, including Windows, UNIX, and Linux.

File Transfer Protocol over SSL adds a layer of security by supporting file transfer over TLS and SSL protocols. This added support enables the use of server-side and client-side public key authentication based on certificates.

Figure 10. Creating FTP file share


Development and integration

HPE provides effective means for the integration and continued development of the HPE 3PAR File Persona experience through the Object Access API with REST over HTTP and deep integration with Microsoft environments.

Object Access API

Web Services can be considered “RESTful” if they conform to the parameters described in the architectural constraints of REST. Complex file system semantics are compressed into a small number of commands.

REST over HTTP is a simple way for applications to interact with the storage where, unlike SMB or NFS, HTTP access is available from nearly every device. The API enables developers and customers to integrate direct file access into their applications. The File Persona Object Access API is a rich set of file system semantics that enable RESTful applications to access files and folders on the file share directly by using the REST API. File Persona supports the operations listed in Table 3.

Table 3. Object Access API supported operations

| Operation | Command value | HTTP method |
| --- | --- | --- |
| Create or replace a file | (none) | PUT |
| Set extended attributes | xattr | POST |
| Commit data to disk | fsync | POST |
| Create directories | mkdir | PUT |
| Move or rename files or directories | mv | POST |
| Change file group | chgrp | POST |
| Change permissions | chmod | POST |
| Change owner | chown | POST |
| Get extended attributes | xattr | GET |
| List directory with pagination | ls | GET |
| Download a file | (none) | GET |
| Display file or directory status | stat | GET |
| Remove extended attributes | xattr | DELETE |
| Remove directories | rmdir | DELETE |
| Delete a file | (none) | DELETE |
| Copy a file | cp | PUT |
| Copy a directory | cp | PUT |
| Download partial file | (none) | GET |
| Update partial file | (none) | POST |

HPE 3PAR OS 3.3.1 introduces enhancements to the Object Access API, such as the file copy feature and the partial file access feature.

Note

The file copy feature supports copying a file to another file and location in the share. It also supports copying a directory and all of its contents recursively to a new directory name and location in the share. Partial file access supports byte-range operations, which allows an application to retrieve a portion of the file without downloading the entire file. It also allows the application to modify a portion of the file without writing the entire file.

You can create an Object Access API-enabled file share by issuing the command: createfshare obj [options <arg>] <vfs> <sharename>


Object Access API HTTP examples are:

• To create a file:

PUT: http://10.33.19.94/v1/myObjShare/afile.txt

• To download a file:

GET: http://10.33.19.94/v1/myObjShare/afile.txt

• To delete a file:

DELETE: http://10.33.19.94/v1/myObjShare/afile.txt

• To list directory contents:

GET: http://10.33.19.94/v1/myObjShare/?cmd=ls&type=true
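For anyone reviewing HTTP access logs of an Object Access API share, the following added example (not HPE code) maps each request onto the method and command pairs of Table 3 and flags permission changes, deletions, and requests that match no listed operation. The log line layout (client, method, URL), the flag names, and the client addresses are assumptions constructed for this example; the URL layout /v1/<share>/<path>?cmd=<value> follows the examples above.

```python
"""Map Object Access API requests onto the operations listed in Table 3."""
from urllib.parse import parse_qs, unquote, urlsplit

# (HTTP method, cmd value) -> operation, transcribed from Table 3.
# None means the request carries no cmd parameter.
TABLE3 = {
    ("PUT", None): "create or replace a file",
    ("POST", "xattr"): "set extended attributes",
    ("POST", "fsync"): "commit data to disk",
    ("PUT", "mkdir"): "create directories",
    ("POST", "mv"): "move or rename files or directories",
    ("POST", "chgrp"): "change file group",
    ("POST", "chmod"): "change permissions",
    ("POST", "chown"): "change owner",
    ("GET", "xattr"): "get extended attributes",
    ("GET", "ls"): "list directory",
    ("GET", None): "download a file (whole or partial)",
    ("GET", "stat"): "display file or directory status",
    ("DELETE", "xattr"): "remove extended attributes",
    ("DELETE", "rmdir"): "remove directories",
    ("DELETE", None): "delete a file",
    ("PUT", "cp"): "copy a file or directory",
    ("POST", None): "update partial file",
}
PERMISSION_CMDS = {"chgrp", "chmod", "chown"}


def classify(method, url):
    """Return share, object path, Table 3 operation and review flags."""
    parts = urlsplit(url)
    segs = parts.path.split("/")
    # Layout taken from the page's examples: /v1/<share>/<object path>
    if len(segs) < 3 or segs[1] != "v1" or not segs[2]:
        return {"share": None, "object": None, "operation": None,
                "flags": ["not-object-api"]}
    cmds = parse_qs(parts.query, keep_blank_values=True).get("cmd", [])
    cmd = cmds[0] if cmds else None
    method = method.upper()
    operation = TABLE3.get((method, cmd))
    flags = []
    if len(cmds) > 1:
        flags.append("duplicate-cmd")       # ambiguous: which cmd wins?
    if operation is None:
        flags.append("unknown-operation")   # pair not listed in Table 3
    elif cmd in PERMISSION_CMDS:
        flags.append("permission-change")
    elif method == "DELETE":
        flags.append("destructive")
    return {"share": unquote(segs[2]),
            "object": "/".join(unquote(s) for s in segs[3:]),
            "operation": operation, "flags": flags}


def review(log_lines):
    """Return (client, flags) for every log line that raised a flag."""
    findings = []
    for line in log_lines:
        fields = line.split(None, 2)
        if len(fields) != 3:
            continue                        # skip malformed lines
        client, method, url = fields
        flags = classify(method, url)["flags"]
        if flags:
            findings.append((client, flags))
    return findings


# Constructed sample log: "<client> <method> <url>"
SAMPLE_LOG = [
    "192.0.2.10 PUT http://10.33.19.94/v1/myObjShare/afile.txt",
    "192.0.2.10 GET http://10.33.19.94/v1/myObjShare/?cmd=ls&type=true",
    "192.0.2.11 POST http://10.33.19.94/v1/myObjShare/afile.txt?cmd=chmod",
    "192.0.2.11 DELETE http://10.33.19.94/v1/myObjShare/afile.txt",
    "192.0.2.12 POST http://10.33.19.94/v1/myObjShare/afile.txt?cmd=ls",
    "192.0.2.12 GET http://10.33.19.94/v1/myObjShare/afile.txt?cmd=stat&cmd=stat",
    "malformed line",
]

if __name__ == "__main__":
    for client, flags in review(SAMPLE_LOG):
        print(client, ",".join(flags))
```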

Integration with a Microsoft environment

Home directory consolidation provides central management and security for users’ home directory environments. File Persona supports several Microsoft features that tightly integrate with home directory consolidation and group and corporate shares. These features make it easier for a storage administrator to manage user data and enhance the user experience at the same time. For example, NTFS ACLs, folder redirection, roaming user profiles, offline files, DFS namespace, and management are available through the MMC.

User settings and user files are typically stored in the local user profile under the Users folder on a local PC. The files in local user profiles can be accessed only from the current computer, which makes it difficult for users who regularly change workstations to work with their data and synchronize settings between multiple computers. Two technologies address this problem:

• Roaming user profiles: A roaming user profile is available in Windows operating systems. It allows users with a computer joined to a Windows Server domain to log on to any computer on the same network and access their documents. These users have a consistent desktop experience, so applications maintain the same toolbar positions, preferences, and desktop appearance. File Persona supports roaming user profiles to provide the same look and feel of the user desktop. This capability eases the process of replacing a user’s computer because all the user’s profile information is maintained separately on Active Directory, independent of the individual computer. When the user logs on to the new computer for the first time, the server copy of the user’s profile is copied to the new computer and the home directory path continues to point to the network home directory stored on the HPE 3PAR StoreServ system.

• Folder redirection: File Persona support for folder redirection lets administrators redirect the path of a user’s local profile and an application data folder to a new location. The location can be a folder on the local computer or a directory on a network file share—typically the network home directory on the StoreServ system. The documents in the folder are available to the user from any computer on the network as if the documents were based on the local drive.

Both technologies have their advantages, and they can be used separately or together to create a seamless user experience from one computer to another. They also provide additional options for administrators who manage user data.

Microsoft Offline Files

The Microsoft Offline Files feature enables users to access copies of their network files by making the copies available offline, even when the computer is disconnected from the corporate network. By supporting this feature, File Persona enables home directory users to work with their network files offline by caching them on the local computer and automatically synchronizing their files the next time they connect to the network. To enable Offline Files when creating a file share, specify the -cache option to be off|manual|optimized|auto where:

• Off: The client must not cache any files from this share. The share is configured to disallow caching.

• Manual: The client must allow only manual caching for files opened from this share. This is the default setting.

• Optimized: The client may cache every file that it opens from this share. Also, the client may satisfy the file requests from its local cache. The share is configured to allow automatic caching of programs and documents.

• Auto: The client may cache every file that it opens from this share. The share is configured to allow automatic caching of documents.


The command createfshare smb -cache auto <vfs> <sharename> creates a file share on the VFS that allows automatic caching of documents.

Offloaded Data Transfer

Offloaded Data Transfer (ODX) is a Windows feature that enhances host performance by off-loading copy and move operations. This allows the operations to be performed by the storage hardware rather than the operating system. Support for ODX was introduced in SMB 3.0. It serves as a way to off-load the copy of large files between SMB shares on the same controller. File Persona supports ODX natively in the HPE 3PAR StoreServ system to improve performance for large file transfers. By default, ODX is enabled in Windows Server 2012, along with Windows 8 and 8.1 when the prerequisites are met. ODX can be verified by entering the following command in a PowerShell session:

Get-ItemProperty hklm:\system\currentcontrolset\control\filesystem -Name "FilterSupportedFeaturesMode"

When ODX is enabled, the FilterSupportedFeaturesMode returns “0” as the value.

DFS namespace

File Persona supports DFS namespace as a leaf node, so the shares can be easily distributed across the VFSs on the File Persona nodes for redundancy and load distribution. A namespace is a virtual view of shared folders where the path to a namespace is similar to a Universal Naming Convention (UNC) path to a shared folder. However, instead of referring to a server (such as \\SFO-vfs01\policies), it refers to the DFS namespace (such as \\hserver\policies), which provides a single place for users to locate data and distributes data across different VFSs to enhance availability and performance.

Figure 11. DFS namespace

Microsoft Management Console

File Persona offers seamless integration with the MMC to manage shared folders on File Persona. Figure 12 provides an example, including creating new shares and deleting existing shares. To manage permissions for the share in Figure 12, you would need to right-click the share name, select Properties, and then select the Permission tab. This provides a well-known interface alternative to the SSMC for file share administrators.


Figure 12. Managing shared folders from MMC

Antivirus scanning

File Persona supports antivirus scanning to provide data protection against viruses and malware. Antivirus scanning on a network share or home directory is critical for data protection because the incoming data is from multiple users and multiple PCs. It quarantines the infected files for an offline action to maintain business continuity, thus preventing outages caused by a virus attack. File Persona seamlessly integrates with Internet Content Adaptation Protocol (ICAP)-based external third-party antivirus servers. Currently, File Persona supports virus scan engines (VSEs) from Symantec Protection Engine, McAfee® VirusScan Enterprise version, McAfee VirusScan Enterprise for Storage, Trend Micro ServerProtect, Sophos Endpoint Protection antivirus software, and Kaspersky Security for Storage. Only a single VSE can be used at a time for an HPE 3PAR StoreServ system. For supported versions of the software, refer to the application support matrix at HPE SPOCK.

Figure 13. File Persona antivirus architecture

File Persona supports antivirus scan policies to control scanning as well as on-access (real-time) and on-demand scanning. For redundancy and improved throughput performance, virus scanning can be configured with multiple antivirus scan servers. Scanned file information is persisted to avoid running redundant scans and wasting valuable resources.

For more information on antivirus scanning, refer to the Virus scanning best practices guide for HPE 3PAR File Persona.

Quota management

Quota management provides better control and planning for data growth, thus reducing the business cost for data backups and archiving. Furthermore, quotas balance resource utilization and help to ensure appropriate usage. Quotas can be combined with alerts, logs, and reporting events to maintain records. They are essential for organizations that implement a chargeback model in their environment.


File Persona enables quotas by default in the file system. It supports native quota management for user and group quotas on VFSs and capacity quotas on file stores. The user and group quotas can restrict the total capacity or the number of files (or both) for a user or group within a VFS. The capacity quotas on the file store enforce the quota policy to control the space usage and the number of files within that file store independent of users and groups storing files in it.

You can configure quotas used in File Persona with a hard threshold limit, which is immediately enforced after being exceeded (that is, users cannot write any more after the hard limit is reached), or a soft threshold limit. When a soft threshold limit is reached, a grace period (seven days by default) begins in which continued writes are allowed.

File Persona also supports quota reporting for current usage with alerts and events generated when soft or hard thresholds are reached. Quotas are persistent through a local failover to the other node in the node pair. You can manage quotas from the SSMC by navigating to the VFS details and selecting Manage User/Group Quotas from the Action menu. From this menu, you can create, modify, export, and import quotas, as shown in Figure 14.

Figure 14. Manage user and group quotas

HPE 3PAR File Access Auditing framework

HPE 3PAR File Access Auditing (FAA) is a robust file access notification framework that is used to manage file access events on File Persona. The framework supports event notifications for files and directories that are accessed using NFS and SMB. It logs who, what, when, and where information for all files and directories at the file share level. The framework allows integration with third-party applications to achieve regulatory compliance requirements.


The FAA framework in File Persona allows clients or users to collect audit events in two ways—either as an internal consumer of processed log files or as an external consumer using third-party independent software vendor (ISV) applications. Internal and external consumers can stream events from a message queue exposed over the network. Internal consumers typically generate processed log files in XML or JSON. Internal consumers use a time-based dial or a size-based dial to rotate the logs. ISV application providers can write their own collection logic and read the live streaming events by connecting to the message queue in the File Persona node over the standard Advanced Message Queuing Protocol (AMQP) port. For more details, refer to the HPE 3PAR File Persona User Guide.

Figure 15. How File Access Auditing works

File Lock for data immutability and retention

Protecting critical data from accidental deletion or malicious alteration is a key requirement for most organizations today. To support this, File Persona offers File Lock for data immutability and retention. As summarized in Table 4, File Lock operates in two modes: Enterprise mode and Compliance mode. Enterprise mode retains data for a specific time period as required by legal statute or internal governance. In Compliance mode, the root user is disabled, providing an extra level of protection against malicious modification of data. Compliance mode is designed for users who want to preserve critical electronic records. It also aligns with the United States Securities and Exchange Commission (SEC) rule 17a-4(f).

An assessment report from Cohasset Associates, Inc. describes File Lock Compliance on HPE 3PAR StoreServ with File Persona including how to meet SEC 17a-4(f) requirements. For more information, refer to the SEC 17a-4(f) Compliance Assessment report.


Table 4. File Lock operation modes

| File Lock feature | Enterprise | Compliance |
| --- | --- | --- |
| Data protected from deletion | ✓ | ✓ |
| Data protected from tampering | ✓ | ✓ |
| Privilege delete by admin | ✓ | ✕ |
| SEC 17a-4(f) compliance | ✕ | ✓ |
| Default and customized retention | ✓ | ✓ |
| Dual admin authentication | ✕ | ✓ |
| Litigation hold | ✓ | ✓ |
| Root user disabled | ✕ | ✓ |
| Audit support | ✕ | ✓ |
| Compliance clock | ✕ | ✓ |

File Lock can be enabled on either a VFS or file store level. It supports the following retention periods:

• Default retention period: If a specific retention period is not applied to a file, the file is retained for the default retention period.

• Minimum retention period: This period determines the shortest amount of time that a write-once, read-many (WORM) file can be retained.

• Maximum retention period: This period represents the longest retention period a file can have after it is committed to WORM.

• Autocommit period: Files that are not changed during this period are automatically committed to WORM or are WORM-retained when the period expires.

• Legal hold: Files are retained indefinitely during the periods of legal discovery. Files cannot be modified or deleted even if the original retention period has expired. A file reverts to its original retention period when a legal hold is revoked.

Circumstances can cause a file to change unexpectedly. For example:

• System hardware errors, such as write errors

• Degrading of on-disk data over time, which can change the stored bit values, even if no accesses to the data are performed

• Malicious or accidental changes made by users

File Lock supports data validation scans to ensure that WORM and retained files remain unchanged. A data validation scan computes hash sum values for the WORM and WORM-retained files and compares them with the values originally computed for the files.


Figure 16. How File Lock works

Figure 16 illustrates how different files work with File Lock:

• Normal: The file can be modified or deleted at any time. A checksum is not calculated for normal files and they are not managed by data retention.

• WORM: The file cannot be modified, but can be deleted at any time. WORM files can be managed by data retention. If the data validation feature is enabled, then a checksum is calculated for WORM files and used for validation scans. This ensures data consistency.

• WORM-retained: A WORM file becomes WORM-retained when a retention period is applied to it. The file cannot be modified, and cannot be deleted until the retention period expires. A checksum is calculated for WORM-retained files and they can be managed by data retention, if data validation is enabled.
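The retention periods and the three file states described above can be read as a small state model. The sketch below is an added illustration, not HPE code. It assumes periods in seconds, that a default retention of 0 leaves an autocommitted file in the plain WORM state, and that a requested period outside the minimum/maximum range is rejected. The paper does not specify any of these three behaviors.

```python
from dataclasses import dataclass
from enum import Enum


class State(Enum):
    NORMAL = "normal"
    WORM = "WORM"
    WORM_RETAINED = "WORM-retained"


@dataclass
class Policy:
    """Periods in seconds. Assumption: a default of 0 means 'no retention'."""
    default_retention: int
    min_retention: int
    max_retention: int
    autocommit: int


@dataclass
class LockedFile:
    last_change: int
    state: State = State.NORMAL
    retain_until: int = 0
    legal_hold: bool = False

    def commit(self, policy, now, retention=None):
        """Commit to WORM; without an explicit period the default applies."""
        period = policy.default_retention if retention is None else retention
        if period and not policy.min_retention <= period <= policy.max_retention:
            raise ValueError("retention outside min/max")  # assumed: rejected
        self.state = State.WORM_RETAINED if period else State.WORM
        self.retain_until = now + period

    def tick(self, policy, now):
        """Autocommit a file that stayed unchanged for the whole period."""
        if self.state is State.NORMAL and now - self.last_change >= policy.autocommit:
            self.commit(policy, now)

    def can_modify(self):
        return self.state is State.NORMAL and not self.legal_hold

    def can_delete(self, now):
        if self.legal_hold:
            return False  # a hold outlives an expired retention period
        return self.state is not State.WORM_RETAINED or now >= self.retain_until


# Constructed sample policy: 5-minute autocommit, retention between 1 and 60 minutes.
POLICY = Policy(default_retention=0, min_retention=60, max_retention=3600, autocommit=300)
```

Because a legal hold never touches `retain_until`, revoking the hold returns the file to its original retention period, as the Legal hold bullet describes.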

File Lock Enterprise mode is managed from the HPE 3PAR CLI. The commands fall into the following groups:

• setfsarchive

• showfsarchive

• startfsarchive

• stopfsarchive

• removefsarchive

For more details on these commands, see the HPE 3PAR OS Command Line Interface Reference guide.

Data protection

HPE 3PAR File Persona provides highly available and resilient data protection. HPE Recovery Manager Central, HPE StoreOnce for backup and deduplication, and industry-standard methods such as snapshots enable administrators to create redundant copies of data to fit specific needs and recover from loss.


User-driven local recovery

HPE 3PAR File Persona enables user-driven file recovery by using point-in-time file store snapshots, which are different from block volume HPE 3PAR Virtual Copy snapshots. A file store snapshot is a versioning mechanism that allows a view of present and past point-in-time states of the file system, while preserving previous states of files and folders. It allows users to perform the granular recovery of files or folders by themselves. Snapshots can be created on demand or on a schedule that creates new snapshots and deletes expired ones. After snapshots are deleted, a snapshot reclamation process can be executed at the FPG level to reclaim any unused blocks.

A snapshot can be created using the SSMC from the VFS view. From the Action menu, select Create File Snapshot and fill out the required fields (see Figure 17). The equivalent for the CLI is createfsnap <vfs> <fstore> <tag>.

Figure 17. Create file snapshot

Restoring individual files from file store snapshots is much more efficient than administrator-driven recovery. The user can restore their files on their own when needed. For Windows clients, this recovery is facilitated by integrating file store snapshots with the Previous Versions tab in Windows Explorer (see Figure 18). For Linux and UNIX clients, users can restore the previous versions of these files from the .snapshot directory.


Figure 18. User-driven file recovery

Administrator-driven recovery

In addition to user-driven recovery, HPE 3PAR File Persona also allows the storage administrator to recover the entire FPG using HPE 3PAR Virtual Copy technology, which provides a crash-consistent point-in-time snapshot of the entire FPG. This is useful for FPG recovery in the event of a file system problem. The FPG is rolled back to the point in time at which the Virtual Copy was created. This recovery occurs offline, because the FPG has to be unmounted before the recovery starts. Figure 19 illustrates the process for an administrator-driven FPG recovery.

Figure 19. Administrator-driven recovery


Figure 19 breaks down the process:

• Step 1: A user error or corruption event is detected in the FPG.

• Step 2: Forget (unmount) the FPG.

• Step 3: Promote the Virtual Copy for the group of VVs making up the FPG to be recovered.

• Step 4: Recover (mount) the FPG to show up as an active FPG and enable client access.

Replication and disaster recovery

For File Persona replication, HPE 3PAR Remote Copy software is used in the same way for File Persona VVs as for Block Persona VVs, supporting Synchronous, Asynchronous Periodic, and Synchronous Long Distance modes. All VVs in an FPG must be in a single Remote Copy group. File Persona supports 1:1, many-to-one (M:1), and one-to-many (1:N) replication topologies for failover purposes only, not for distribution purposes as a read-only target.

As a prerequisite for disaster recovery configuration for File Persona, the node networking, DNS configuration, Active Directory configuration, antivirus integration, scheduled tasks, and other pertinent features have to be set up manually on the remote array.

In a failover event, FPGs are automatically recovered as part of the failover and clients are not required to remount the shares after failover completion. An independent quorum witness that is used to enable Peer Persistence for block volumes also acts as an arbitrator to support the automatic failover. Failback after recovery is simply performed using a button in the SSMC.

For more information on how to configure Remote Copy, refer to the HPE 3PAR Remote Copy Software User Guide. For File Persona disaster recovery process details, refer to the Replication and disaster recovery guide for File Persona.

Traditional backup

File Persona supports network share-based backup over SMB or NFS protocols and NDMP over iSCSI-based backup. Share-based backups can use any ISV that supports backups from file shares. File Persona supports the following software vendors for NDMP-based backup and restore functions:

• Micro Focus Data Protector

• Veritas NetBackup

• Commvault Simpana

• Dell EMC NetWorker

Note: To verify the compatibility of supported backup software versions and target backup devices, refer to the SPOCK website.

RMC Express Protect flat backup

HPE Recovery Manager Central (RMC) software integrates HPE 3PAR StoreServ primary storage with HPE StoreOnce systems to provide a converged availability and flat backup service that augments traditional backup approaches. It protects FPGs against corruption, accidental configuration errors, and deletions using HPE 3PAR Virtual Copy snapshots. RMC software also off-loads backups of entire FPGs to StoreOnce storage for long-term retention using HPE RMC Express Protect. Combining RMC with File Persona is a fast and cost-effective method for protecting user and configuration data of the VFS and FPG shares for rapid recovery. For more information, see the Data protection for HPE 3PAR File Persona Software with HPE Recovery Manager Central white paper.


System configuration backup

If you are using the integrated FPG backups and block snapshots with RMC, the self-describing nature of the FPG handles configuration data backup. If you are using traditional backup approaches such as NDMP or share-based backups, run the configuration backup separately to protect the configuration data for each VFS. This configuration backup contains the configuration information for the included file stores and file shares. To restore a configuration on another system with the same VFS structure, restore using the configuration backup at the VFS level. This ensures the backup will include ACLs for every share configured on the File Persona node. (ACL preservation for configuration backup requires HPE 3PAR OS 3.3.1 or later.) The configuration backup and restore process varies based on the backup software being used. For more information, refer to the HPE 3PAR Command Line Interface Administrator Guide.

Enhanced support functionality

HPE has provided access to commonly used support and administration tools to improve the customer experience. With versions earlier than HPE 3PAR OS 3.3.1 MU2 Patch 26, many support functions required contacting HPE support. Now a local administrator can perform their own network analysis using tools such as Ping and Traceroute. These tools allow an administrator to verify connectivity, latency, and routing information across their network to identify bottlenecks and potential points of contention.

Support for HPE 3PAR data services

File Persona leverages data compaction technologies such as HPE 3PAR thin built-in zero detect, HPE 3PAR Thin Provisioning, and HPE 3PAR Thin Deduplication to enable efficient utilization of storage resources. File Persona is built on the industry-proven autonomic disk foundation of HPE 3PAR storage. To put the right file data in the right place at the right time, it uses Adaptive Optimization and Dynamic Optimization. It leverages Adaptive Flash Cache for performance acceleration for the read-intensive workloads of file sharing. It enables space and cost-efficient array-based snapshots (based on the FPG) by inheriting the Virtual Copy technology of the HPE 3PAR StoreServ array. The File Persona health status is included in the HPE 3PAR call-home process to enhance the support experience.

Conclusion

HPE 3PAR File Persona Software is deeply integrated into the HPE 3PAR StoreServ Storage architecture to deliver a converged platform for provisioning both block volumes and file shares. Truly converged, flash-optimized HPE 3PAR StoreServ Storage addresses the needs of a broad spectrum of workloads and data types, today and into the future: from virtualization, databases, and applications using Block Persona to home directories and user shares, content management and collaboration, and data preservation and governance through File Persona. It does so efficiently, effortlessly, and without compromise.

Figure 20. File Persona provides truly converged file and object access for primary storage


Table 5 summarizes the revision history for this white paper.

Table 5. Document revision

Date                      Updated for HPE 3PAR OS version
June 2018, Rev. 6         3.3.1 MU2 Patch 26
October 2017, Rev. 5      3.3.1 MU1
March 2017, Rev. 4        3.3.1
November 2015, Rev. 3     3.2.2

Resources

HPE 3PAR StoreServ Storage: A reference and best practices guide hpe.com/h20195/v2/getpdf.aspx/4aa4-4524enw.pdf

Virus scanning best practices guide for HPE 3PAR File Persona hpe.com/h20195/v2/GetPDF.aspx/4AA5-6079ENW

Replication and disaster recovery guide for File Persona hpe.com/h20195/v2/getpdf.aspx/4AA5-8027ENW

Data protection for HPE 3PAR File Persona Software with HPE Recovery Manager Central h20195.www2.hpe.com/V2/GetPDF.aspx/4AA6-4642ENW.pdf

File sharing best practices guide: HPE 3PAR File Persona h20195.www2.hpe.com/v2/GetDocument.aspx?docname=4AA6-0699ENW

Protecting HPE 3PAR File Persona data h20195.www2.hpe.com/V2/GetDocument.aspx?docname=4AA5-7522ENW

HPE 3PAR StoreServ Management Console 3.1 Administrator Guide support.hpe.com/hpsc/doc/public/display?sp4ts.oid=5044394&docLocale=en_US&docId=emr_na-a00006232en_us

HPE 3PAR StoreServ Management Console 3.0 User Guide h20565.www2.hpe.com/hpsc/doc/public/display?docId=c05335261

HPE 3PAR Command Line Interface Administrator Guide h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04204251

HPE 3PAR Object Access API Reference h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04532652

HPE 3PAR Web Services API 1.6.1 Developer Guide hpe.com/hpsc/doc/public/display?docId=c03606339

HPE SPOCK (storage system configuration specifications and compatibility information) h20272.www2.hpe.com/spock/

Cohasset Associates: SEC 17a-4(f) Compliance Assessment—HPE 3PAR StoreServ with File Lock Compliance h20195.www2.hpe.com/V2/GetDocument.aspx?docname=a00045093enw


© Copyright 2014–2015, 2017–2019 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

Microsoft, Windows, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. SAP HANA is a trademark or registered trademark of SAP SE in Germany and in several other countries. UNIX is a registered trademark of The Open Group. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. All other third-party marks are property of their respective owners.

4AA5-6078ENW, March 2019, Rev. 7

Learn more at hpe.com/storage/3parfilepersona