Cloud Insights Workload Security Fpolicy Best Practice and Recommendations
Applies to
- CIFS
- NFS
- Cloud Secure
- FPolicy
Answer
What are some Best Practices and Recommendations pertaining to Cloud Secure Fpolicy Deployments?
Cloud Secure Specific Recommendations:
- Configuring the ONTAP SVM Data Collector - follow the Before you Begin section for Cloud Insight\Cloud Secure Data Collector Best Practices
- For optimal performance, you should configure the FPolicy server to be on the same subnet as the storage system.
NetApp Specific Recommendations:
-
Upgrade to the appropriate versions of ONTAP that have fixes for known fpolicy related issues
-
For Cloud Secure External Engines, set send-buffer-size to 1MB or greater
-
via the Cloud Secure UI, there is an option to set "Set ONTAP Send Buffer size" (1MB to 6MB)
-
-
To lessen the potential impact of latency, set abort timeout lower, for example: 5s.
If there is a large amount of latency between the Collector and the SVM, it can cause a delay in the TCP acknowledgements, and potential impact to latency in very rare occasions.
To decrease end-user latency in cases where there are connection issues or CPU starvation on the collector, it is recommended to lower the "Timeout for Aborting a Request" from 40 to 5 seconds.
Please NOTE this value is automatically set by Cloud Secure.
General Recommendations:
-
Ensure Data Collectors are appropriately sized based on number of events seen.
-
Use tools available on Agent - SVM Event Rate Checker
-
NOTE: Take special care in running the SVM Event Rate Checker against Existing Fpolicy Configurations or systems which are highly utilized.
Best practice to help minimize performance impact is run the tool at less utilized times or maintenence windows.
-
-
Create Cloud Insight FPolicy Dashboards - How to create a dashboard in Cloud Insight to determine Fpolicy request rate
-
Additional Information
- Varonis Fpolicy Best Practice and Recommendations
- Veritas Fpolicy Best Practice and Recommendations
- Komprise Fpolicy Best Practice and Recommendations
- Cloud Secure Fpolicy Best Practice and Recommendations
- Netwrix/Stealthbits Fpolicy Best Practice and Recommendations
- What are the FPolicy partner solutions for ONTAP?