Protocols

In addition to the NFS and CIFS file service protocols supported by the storage system, the following protocols are also supported:

HTTP
FTP
WebDAV

Each of these protocols can serve any file stored on the USD, subject to the configurations and permissions granted. HTTP and FTP, for example, both typically are set up to serve files from a given home directory only; this is a means of restricting data, and not a fundamental limitation of the protocol or the Unified Storage Device (USD).

The USD supports various other protocols. Following is a list of a few protocols, and their description:

Protocol	Description
TCP/IP	This is the fundamental networking protocol used to communicate with other Ethernet-attached devices. The protocols NFS, CIFS, HTTP, FTP, and WebDAV run on top of TCP/IP. CIFS depends on TCP connections to maintain its sessions.
Fibre Channel Protocol (FCP)	It encapsulates SCSI commands in a form suitable for transmission through a Storage Area Network (SAN) (It overcomes SCSI's relatively short cable length limitations). Because it encapsulates SCSI, its only use, at present, is to connect servers and disks. FCP can be switched, similarly to the Ethernet devices. It is a rare case to have heterogeneous storage devices attached to a SAN. It is more common to have one or more large disk arrays of the same type fronted by one or more switches of the same type.
iSCSI	It uses a standard Ethernet as the network fabric, as opposed to the Fibre Channel fabric used by FCP. iSCSI is a competitor of FCP.
NDMP	It is used to copy data from one USD to another, and from USD to tape devices and back. The client tells the two servers what to copy, and where. The subsequent operations take place directly between the servers. NDMP concerns itself with data blocks on disks, and not files. Therefore, it is not included in the list of major file-serving protocols above.
SNMP	It is a widely used system status reporting protocol. The NetApp devices supply a MIB, which the client-side applications use to display lists of what values are queried.
Telnet	It is used to connect to the USD's command-line interface
rsh	It is also used to connect to the USD's command-line interface.
SSH	It is a secure version of the rsh protocol.
Secure Socket Layer (SSL)	SSL is used to encrypt HTTP, rsh and Telnet sessions.
Kerberos	It is an authentication protocol used by Windows 2000 and above, and NFS.
Network Time Protocol (NTP)	It is used to synchronize system clocks. For example, Kerberos requires this protocol.
Dynamic Host Configuration Protocol (DHCP)	It is used to retrieve configuration information upon bootup.
Domain Name System (DNS)	It is used to retrieve host name information from IP addresses, and vice versa.
Network Information System (NIS)	It is a centralized database used to retrieve information that is originally kept in the files /etc/passwd, /etc/group, and so on.
Lightweight Directory Access Protocol (LDAP)	It is based on the X.500 directory protocol. It is a competitor of NIS.
SunRPC	The remote procedure call mechanism used by the NFS protocol.
DCE/RPC	The remote procedure call mechanism is used by Microsoft servers, and clients.
Cluster	The cluster interconnect cards used by clustered USDs to communicate with each other use a proprietary protocol over a fiber or copper link.
ONTAPI	A proprietary SOAP-like management protocol documented in the Manage ONTAP SDK.
CIM/WBEM	The USD has a proxy CIM server, which runs on a separate host, for USD management via SMI-S.

The USD also has two RS/232 serial ports, the first of which is used to connect to the console command-line interface. The second port is used in-house by support personnel for diagnostics purposes.

Many of the protocols listed above are management protocols, and as such expose the system to security risks. The USD can be configured to restrict access in many cases by IP address, in others by or also by user ID, and at a minimum by turning off the protocol. Secure LANS are an essential part of any storage system security program.

Related Topics