Feature Descriptions

What's Coming Soon Golden Copy Release 1.0

Key Features:​

1. Copy or sync Mode of a path to S3 storage

   1. Isilon Snapshot aware point in time copy or sync

2. Daily, Weekly, Monthly , Yearly Scheduled Golden Copy Snapshot copy of a path for long term lower cost snapshots stored in S3 storage

   1. ​Free up Isilon usable space by reducing snapshot retentions and copy to S3 storage for long term archive 

3. Copy Existing Isilon Snapshots to S3 storage for long term retention

4. Sync Mode uses Isilon change list for incrementals

   1. Delayed Delete in Sync mode to move deleted files to delete storage bucket

5. Rate limiting option per path in Mbps​

6. Smartconnect load balancing of copy work load across Isilon nodes

7. Meta data protection stored in S3 objects (ACL, owner, group, mode bits, date stamps)

8. Native file format copies and fold structure is preserved

9. Restore full or partial with meta data restored to Isilon file system

   1. Single file restore with any S3 Browser tool​

10. Dual copy a folder to multiple S3 targets

11. S3 supported targets Dell ECS and AWS S3 (Glazier or deep archive), planned Azure blob and Google cloud Storage

​

​

​

​

​

​

​

​

​

​

​

​

​

What's Coming Soon DR Release 2.5.6

DR Automation Enhancements:​

1. Faster Failover!!!! Configuration sync will no longer run during a failover, that will remove this time to complete from the failover.

2. Faster Failback!!!! Eyeglass jobs now automatically get enabled without any manual steps after a failover so that tailback readiness can be assessed faster and the jobs are in the correct state in Eyeglass.

3. New policy alerts notifies administrator an action is required to enable DR on new policies.

4. New job type default of none requires newly detected policies to be set to sync mode or DFS mode by the administrator before they can be enabled.  This work flow ensures policies do not get enabled in the wrong mode.

5. Copy and paste of Failover logs from DR Assistant to simplify getting logs to support.

6. DR Rehearsal Mode: Failover, Test, Throw away the changes. Complete DR Tests in much less time.

   1. Failover to DR make the target data writeable​

   2. Complete DR mount and write access testing

   3. Throw away changes to DR data

   4. Production copy on source cluster is online at all times

   5. Combine with networking bubble , cloned AD, DNS to complete DR testing with mirror of production  

7. REST API support for DR Test Mode, IP Pool failover

   1. Full API support to retrieve all DR Dashboard validations for all failover modes​

8. Auto Add all missing SPN's detected by Isilon.  Enables Eyeglass to check missing SPN's and insert them to ensure none are missing AND insert igls hint SPN's to suppress Isilon Alarms​ for missing SPN's

9. Any SPN Failover support Now any sun type can be failed over. Example NFS, HDFS, CIFS can be failed over in addition to the host spn used for SMB authentication.  This will allow HDFS Big data failover and support kerberoized NFS failover of SPN's.  

10. Concurrent Failover - This release will switch all installations to this default mode.  This allows several failovers to run in parallel of any time.  ​​​​The concurrent failover limit will increase from 4 to 10 or higher.  This applies to GUI failovers or API failovers.

11. New Validations For DR Readiness

    1. SPN AD Delegation is now automatically tested for correct delegation in AD for SPN failover​

    2. DNS Dual delegation validation check that all smartconnect names are correctly setup for DNS auto failover. Checks that 2 name servers are setup, verifies an A record correctly points to Isilon SSIP, validates the SSIP is the correct subnet for the pools that are failing over.

    3. Domain mark - Check if this has been run and raise warning in DR Dashboard 

    4. Mismatched SPN cases between AD and Isilon

12. GUI​

    1. Disable twitter release notification on login page​

13. ​Access Zone Migration New Dedicated Icon "Data Config Migration":

    1. Ability to copy only configuration data from one zone to another without need a synciq policy to exist.  This can be used by entering any source path and any target path with auto access zone detection.  NOTE:  The paths must exist.  This new job type can stay and run during normal configuration task to keep config data in sync during a migration.  New check box: "Migrate only configuration" 

    2. Ability to auto detect existing syncIQ policies on the source and target path and use them to sync configuration data.  This allows the copy policy to be setup and migration of configuration can use the existing policies in place.

14. Security Enhancements:​

    1. IGLS cli command to automate changing eyeglass service account password and restarting the process to take affect.  Useful for customers with a lot of clusters and regular password change policy can now automate this task​

​​

​​

​

​

​

​

​​

​

​

​

​

​

What's Coming in Release 2.5.5 Ransomware Defender, Easy Auditor and Cluster Storage Monitor

​

​​

Easy Auditor Enhancements:

1. Quick Scan Path Search - New architecture to accelerate results for path searching when no user is specified.  The user search is already indexed in a way to easily find all events by a user. The new search index will offer the same search speed for a path search. (patch release coming soon)

2. AI Analytics of user behavior - Analysis of the Auditor database can determine the optimal Ransomware Defender settings to best protect data and avoid false positives. (patch release coming soon) 

3. WireTap provides filtering, folder browsing and event filtering. Complete update with advanced filtering options full screen UI.  Realtime IO monitoring of users, paths , folder trees, or single folder.  Allows debugging performance issues.

4. Real-time Syslog Forwarding - Allow the ECA cluster to forward formatted syslog message to 3rd parties example SIEM tools, event filtering for user, path, event type with regex filters

5. Where did my folder go?  It will now track directory deletes in a fast cache lookup, and copy and paste results to Excel

6. HDFS protocol auditing - Supported now with current release

7. Builtin reports have been enhanced for performance and provide partial results while they execute

8. Optimized active audit triggers offers more performance at higher event rates to real-time DLP and Mass delete triggers

9. Active Auditor - Realtime Audit Triggers - Automate security, "No MORE Report Reading"

   1. If this happens and OR that happens send an alert, triggers do not use the database and process event data with stream based analytics.

   2. Predictive Analytics - Each custom trigger created evaluates event data over 1 minute intervals and every 5 minutes a prediction computation runs to provide more accuracy to your security policies getting triggered.

   3. Combine path, user and event types into a customized real-time audit policy that continuously monitors events and fires a trigger when the condition is met.

   4. Geofencing by user or path  - Network Aware Security - Real-time triggers can use the source ip of hosts or even entire subnets.  This allows a whole new security layer that can alert when access to storage is from authorized subnets or detect remote access from VPN or Wifi Guest networks

      1. Combined with user, path, file action, file name and more options powerful Geofence polices can be created to secure your data with network aware policies.​

   5. This allows and event to be sent via email or configure syslog forwarding to a SIEM.

   6. The only customizable real-time audit solution with no lag auditing for Isilon.

Ransomware Defender Enhancements:

1. No HDFS needed!!!! We have redesigned Ransomware Defender to no longer needed HDFS. Easier to install with fewer dependancies

2. New GUI for flag as false positive to view users that have been flagged and reset the a user to factor default detection settings

3. Allow file list add UI for whitelisting files on the dynamic extension list

4. SIEM Integration - audit data real-time syslog forwarding​

Cluster Storage Monitor:​​  

1. Large AD direct collection over LDAP will support direct connect to AD to collect users and groups.  Supports 1 million or greater object collection in < 2 minutes.

2. This new collection method will be shared by all products that need this information example Ransomware, defender, Cluster Storage Monitor all need user to SID resolution and user to group information.

Eyeglass Cluster Agent:

1. New distributed model allows remote sites to be managed by Mini-Eca a single VM to collect audit data and forward it centrally for process, analysis, storage and searching.  This is designed for customers that have distributed clusters and want centralized security and ransomware defense of all clusters.

2. New model can support IsilonSD clusters used at edge locations and offer centralized services.

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

What's Coming in Release 1.1.2 of Search & Recover

1. ​Snapshot Mode - Index and search Snapshot data to locate deleted data or old versions of files for recovery

   1. User Interface allows searching snapshots with the click of a button

   2. Restore files to the file system with simple right click restore (files restored with prefix and file secured to the user automatically

   3. Backup administrators or end users can easily recover data from snapshots

2. ACL Security Mode - New security mode that evaluates file system ACL's to determine search results to data based on both SMB and file system ACL security.  Fully automated security mode with no manual steps.

3. User Search Advanced Window supports Searching snapshots, Cloudpool archive data or Folders only

4. Active Directory Group support for adding search administrators to an indexed path

5. Phonehome Support - remote log collection for simpler support

6. Excel Results download support

7. Search Rest API allows building customer applications or automating searches for alerting

8. Index Audit feature to verify file system to index accuracy (runs weekly), removes orphaned index data from folder rename operations

9. New Quick Reports

   1. Who used up the space? (Coming Soon, Who used the space on that share last month?

   2. What's been Archived to Cloudpools? (Cloudpool stub reporting)

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

What's Coming in Release 1.1.1 of Search & Recover

1. Admin quick reports give you the answers you need to manage storage (see screenshots)

   1. What's Growing old?​

   2. Who owns that?

   3. Show me the Types

2. Dynamic Data Tags - auto tag data with content strings or ID's and leverage Dynamic Data tags in all searches and all reports. Example tag using project-123 can be located with wild cards project-???​ to find all projects, or project-1?? to find all projects that start with 1.  Very powerful , easy to use.​

3. Data Owner Administrator - Override Isilon security to create path based Data Owner Search Administrators

4. Alarms with SMTP configuration for sending alarms and status of indexing

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

What's Coming in Release 1.1.0 of Search & Recover

1. Full content and metadata indexing per path

2. User secure search with advanced field searching

3. Admin only mode for analytics, reporting and scripting file system actions based on results

4. 3 security modes (share level, ACL or hybrid)

5. Full and incremental index using change list API

​

​

​

​

​

​

​

​

​

​

​

​

What's Coming in Release 2.5.4 Cluster Storage Monitor Overview

1. Unlock my files!!!!​

   1. Help desk application to find locked files and break locks for users​. Dedicated Role in Eyeglass

   2. Secure proxy file list and break lock button requires Zero Isilon knowledge to use.

   3. This will be a feature that request Storage Cluster Monitor product license key.

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

What's Coming in Release 2.5.3  Overview

​

​

​

General:

1. Alarm emails are now basic html, no images included - subject of email includes application name and user name if relevant to the alarm.

   1. Alarm codes now visible in the UI​

   2. Email subject includes the application name that created the alarm for alarm filtering

2. igls command to change the severity of any alarm type, example sync jobs can generate a lot of alarms and are sent as critical. igls command can change this alarm code to major or warning on a per alarm code basis. This allows customers to lower severity of alarms without changing the global alarm severity filter settings. 

DR Edition Overview:

1. Overlapping Access Zone Failover support (see documentation for limitations)

   1. Overlapping means 2 access zones that share the same base path with at least 1 SyncIQ policy at or below the access zone path.

2. Major Enhancements to Quota syncing for large quota count customers

   1. Option to remove quota collection from normal share/export syncing. This is for large quota count customers to speed up the config sync and move quota inventory detection to a separate job. "Quota Sync Job"​

      1. This new job for Quota inventory can be scheduled independently fo config sync and defaults to once per day to collect quota's and detect quota changes.​

      2. Recommended for customers with > 1000 quotas

   2. DR Quota Sync

      1. Onefs 8.x required. Allow pre-staging of quotas on the DR cluster and avoid quota scan being triggered during failover. Once this feature is enabled. Quota failover checkbox in DR assistant is automatically disabled.

​

Easy Auditor Overview:

1. What's Happening Now?  

   1. Prebuilt indexed cache of events for active paths in the file system covering the 48 hours of activity. Allows ultra fast browsing based on file tree browser to see all events.  Interactive UI to select a path see all events and filter on event type or user. Similar to Pivot tables in spreadsheets dynamically built as events stream through the ECA cluster.

​

1. HIPAA - Compliance Reports

   1. 164.308(a)(5)(ii)(C) - Log in Monitoring built-in report

      1. User data access based on authentication audit messages allows compliance with HIPAA requirements to report on users that access data based on authentication records​

2. Easy Auditor Active Auditing Inline Analytics 

   1. Mass Delete file policy - Monitor paths for X files deleted in Y minutes with alarm and SnapshotIQ snapshots on paths that trigger mass delete policies. Analysis runs on the ECA cluster as events are processed. Per User policy​

   2. Data Loss Prevention Policy - Monitors a path for x % of data read over Y minutes per user will trigger an alert of possible data leak or bulk copy of secure data. Analysis runs on the ECA cluster as events are processed.

3. Scheduled Searches will send info alarm with name of the search in the email subject.

4. Builtin Reports​

   1. Employee Exit Report - quick easy search for HR when an employee leaves the company​

5. Auditing Features​

   1. Support for NFS file access User ID and source client IP address in reports that made the file change or access​

   2. NFS UID mapped to AD, NFS local user friendly name resolution in reports

   3. Auto Save Report to an NFS mount igls command to change location of saves and remount to Ision for centralized report storage

   4. New ECA Alarm detection for audit event ingestion issues

   5. New ECA Alarm for failure to write to Analytics Database

   6. New ingest IGS CLI select a date range of gz Isilon archived audit events.  

      1. Ingest missing data

      2. Ingest data on disk before Easy Auditor installation

      3. Avoids and detects duplicate events during ingestion process

   7. Load Balance processes on 6 node ECA clusters

   8. Historical search logs UI archives all query logs to the Isilon over HDFS with UI to download or navigate logs

   9. Support for 1 Million events in CSV reports

   10. Support for continuous results feature

       1. Allows retrieval of partial report data while its running 50 000 events at a time. Cancel a report search if the data required is already returned

   11. ​Support for NFS User ID in reports for NFS audit events plus source IP of the NFS client in reports

   12. Update to WireTap to support new internal event streaming architecture

6. Beta Features in this release​

   1. Robot Audit 

      1. This feature performs continuous auditing by creating user events as an SMB connected user.  The events are created , ingested and stored in the database.  The Robot audit process runs reports and counts file and directory events and logs success or failure.  This offers the highest level of confidence that audit data is being processed and stored.  The audit lag is the time from when an event is created to when the data is searchable.

Ransomware Defender Product:

1. Honey pot File traps

   1. Detection at the folder level allows files to be placed in specific folder locations as detection of any type of Ransomware behaviour attack that combines file access to Honeypot trap files that Defender users to track

   2. Ransomware at the folder level and does not depend on a specific file IO pattern for detection

   3. Uses immediate lock out logic when this detection trap is tripped

   4. Administrators can create this trap on any folder in the file system as needed.

2. Roaming Profile Support 

   1. Roaming profiles on Isilon shares writes files using a common Ransomware IO pattern trigger a lockout.

   2. New Relative path whitelist support allows only the directories of the profile to be added to the whitelist and still protect data in the users profile. Example whitelist /ifs/data/roamingprofilessharepath/*/Appdata This will ignore all user Appdata (the profile path) in each users home directory on a share that stores all users home directories.  

3. Learning mode

   1. Flag false positives to provide feedback for behaviour learning per user. Builds a feedback dynamic learning solution tuned for your NAS workflows.   

4. Support to lockout a client on an NFS export of Ransomware activity is detected. Disabled by default and enabled with igls cli  

​​

Cluster Storage Monitor Major Updates:

1. Managing quotas at scale requires tools to create, update and report. This update to CSM (Storage Cluster Monitor) brings a lot of enhancements.

   1. Manage quotas with Active Directory groups.  ​

      1. Create Gold, Silver and bronze tiers of quota or any configuration you need with Templates for Hard Soft, and advisor. Change a user AD group membership triggers an a quota change​

      2. Supports User quotas and directory quotas

      3. Directory quota allows setting a path baseline and a default subdirectory quota that is applied for each new directory detected

   2. UI now shows user or group assigned to to the quota in administration UI. ​

   3. %U Shares allow a template quota to be applied to each directory under the %U share. 

      1. This automates directory quota's with a default template that can be changed​ and update all directory quotas under the share path defined with %U

   4. Quota Reports now include templates assigned to users in AD

​

​​

​

​

What's Coming Soon Performance Auditor Release 1.0

Key Features:​

1. Real-Time 1 second updates to relate key performance metrics cluster wide or per node​

2. Performance Metrics:

   1. Cluster wide and per node read and write throughput​

   2. Per User (AD or NFS) read and writhe throughput

   3. Per file read and write throughput

   4. per source subnet range read and write throughput

   5. Per application read and write throughput

3. Auto Detected Top Applications resource consumers cluster wide​

4. Relates Node to user to files to subnets or any combination to zoom in on any resource with multiple views (node, user, file, application, subnet)

5. Pinning Feature allows a user, node, file or subnet anywhere on the cluster to be added to the real-time display to allow comparing the top resource consumer to the pinned object. 

   1. Example Pin a user that has raised a performance issue to the real time dashboard to easily see if this user is competing for resources on a heavily loaded node. 

   2. View the users file level performance be selecting the user to see bandwidth used by the application at the file level to determine the issue is an application issue or storage issue.

6. Planned to release updates ​

   1. Application wait time in ms measures application logic issues that slow down application performance​

   2. Application efficiency scoring dynamically scores application file system access patterns for reads and writes and compares to highest scoring applications in your environment.  Helps identify applications that do not use NAS data efficiently based wait time and application block requests

   3. SMB , NFS, HDFS protocol break down

   4. Netflix Mode - play ,pause, rewind, fast forward real-time performance data from the past

What's Coming Soon Data Marshal Release 1.0

Key Features:​

1. User work flow to self serve archive data to cloudpools or Isilon file pool (example Archive node tier)

2. Searching for archived data based on meta data or content aware indexing

3. User reporting of archived vs non-archived data reporting

4. Release 1.0 to support a two tier archive a cluster file pool tier (A nodes) and a  cloudpool pool tier.

   1. Tier 1 is file pool archive nodes in the cluster

   2. Tier 2 is S3 cloudpool storage

   3.  Users or administrators can move data between file pool and cloudpool storage 

5. Embedded Isilon file system tagging solution stores life cycle  archive status as a file tag in OneFS.  Supports synciq and snapshot IQ protection of tags 

   1. file tag history to track a files data movement between tiers​

6. Billing Report GUI to show archived data over time by user, by type of file or age of files with export to CSV

7. Billing data api to provide json api results for integration into external billing tools

8. End user Recall data from archive to the main file system