DOCSLIB.ORG

Xsan Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

559 Appendix A Xsan Security Xsan is Apple’s implementation of a Clustered File System. This means that the file system can be accessed by multiple machines concurrently. Fibre Channel is an extension of the SCSI protocol and can be accessed through fiber optic cabling. Using Xsan, multiple Macs can simultaneously access shared storage provided over a Fibre Channel network. This allows multiple users to access data striped across a large number of physical drives (let’s just say six Promise VTrak RAIDs’ worth) as though they are one volume. Each client can access data at speeds of up to 4Gbps. Xsan is commonly used high-definition video and multiuser high-bandwidth creative environments, and it is also found in web and file-sharing farms. Xsan is based on the StorNext File System, made by Quantum. Apple and Quantum both claim interoperability between StorNext and Xsan, which means that by combining the two, it’s possibly for Macs, Windows, and many Unix variants (including Solaris, AIX, Linux and IRIX) can share communicate and share storage in a fast Fibre Channel environment. When looking to secure Xsan, you may find that there are specific features of StorNext that you want to use. Because Xsan is based on StorNext, many of the features of StorNext are built into the Xsan but might not be available through Xsan Admin. To begin unlocking some of the hidden features of Xsan, you will need to dip into the command line. Xsan stores most of its data in /Library/Filesystems/Xsan. Configuration files are stored in the Config directory, and binaries are in the bin directory. The files in Config contain information about the structure of the SAN and any volumes on the SAN. The Config directory should not be world-writable, because if it is altered or deleted, the entire SAN volume could be deleted with it. The commands to control and configure Xsan are cvlabel, cvadmin, cvfsck, and cvcp. These commands are analogous to some Unix commands (and are similarly named), but they are quite specific to Xsan. Be wary of using a Unix commands in place of the Xsan- specific command. As an example, you should never, ever run fsck on an Xsan volume. 559 560 APPENDIX A: Xsan Security Metadata In an Xsan, your Metadata is the information about where on the physical disks your files are found, how many pieces they’re in, how to assemble those pieces when a client requests a file, and which clients have those files locked for writing. Metadata should be stored on a dedicated Fibre Channel LUN (logical unit number, which each logical segmentation of a target storage device has to uniquely identify it within the target storage). It is very important that it live on a mirrored RAID set, to lessen the risk of it being lost. Xsan storage is broken down into three parts: LUN: “Logical Unit Number”. A logical grouping of drives into a single entity. Usually a RAID set, but it could be a single drive. Storage pool: A group of LUNs. Each client can write to multiple LUNs through a single storage pool. Volumes: The logical volume presented to the client. It appears as a single local drive. Metadata is then managed by a metadata controller, which determines where data will go on the SAN and keeps track of where each slice of the data resides (similar to a file allocation table). Each volume should have two metadata controllers, a primary and a secondary. While you can have multiple metadata controllers, only one is ever active (per volume) at a given time. Each SAN client requires full access to all LUNs in order to write data. The metadata is simply a pointer that tells the SAN where to write data. If any of the LUNs that make up a storage pool cannot be seen over the Fibre Channel network by a metadata controller or a client, the storage pool reports “STRIPE GROUP DOWN,” and your Xsan volume will go down. For example, if you were to unplug the cable for one target, you would likely bring an entire Xsan environment down. Therefore, physical security becomes very important with Xsan environments. NOTE: If you are just using Xsan as a back-end file system for a number of bridgehead file servers then you can restrict access to the LUNs to only the WWNNs of the metadata controllers and file servers. The root user of any workstation that is connected through Fibre Channel to an Xsan environment can write directly to any accessible LUNs by writing data into /dev/<LUN>. A common path might be /dev/rdisk4. The association between and device ID and a LUN can be found in the Xsan labels for each LUN. If you write enough arbitrary data into the metadata LUN, then you will cause a volume to become inaccessible. This can be dangerous, because once the Xsan environment is restarted, it will read an invalid amount of data about itself, and therefore be unable to mount the volume. This is a denial of service attack and a tampering attack on the SAN that can be initiated by any client system that has a valid admin/root account. This is very dangerous, and there is APPENDIX A: Xsan Security 561 no workaround for it, other than restricting access to administrative or root accounts on SAN clients. Fibre Channel With Fibre Channel, you can cascade two switches by bonding (sometimes referred to as stacking) their backplanes with a 10GB to 20GB connection. Most environments use bonding in order to achieve very fast speeds between switches. From a security perspective, one nice feature of a stacked environment is that you can apply access controls across multiple switches. Affinities Storage pools can be assigned an affinity. When data is moved to the affinity, space is allocated from a specific storage pool rather than in a round-robin fashion across all the storage pools. Affinity data can be restricted to specific LUNs. Access to affinities can be limited to certain groups. Data that requires a higher level of integrity can then be given an affinity or volatile data that requires speed (such as a capture scratch) can be given the fastest possible storage (ie – SAS drives running on a RAID 0-based LUN). You can use Xsan Admin to assign an affinity to a folder at the top level of a volume. However, to assign an affinity to a nested folder, use the cvmkdir command. For example: sudo /Library/Filesystems/Xsan/bin/cvmkdir -k <affinity-name> <path-to-folder> Permissions Xsan volumes appear, to the client, as local storage. Therefore, when a file or folder is created on a volume, POSIX permissions will be assigned it based on the umask of the client user. Ownership of the files and folders will be tracked by the UID on the local system of the user who created them. A common practice in Xsan environments is to change the default umask of the client systems to 002, which will grant read and write access to owner and group, and read-only for all others. Managing permissions using only local user accounts and POSIX permissions can be very difficult. Many administrators will use Open Directory to manage users and groups, and Access Control Lists (ACLs) to manage permissions on files. ACLs greatly simplify permissions management, and they are even more valuable when other operating systems are accessing your volume. Windows and Linux clients treat ownership and permissions differently than Macs if they are tapping in through NFS, AFP and /or SMB. When ACLs are in use, new files added to the SAN volume will have the same permissions, no matter how the specific services are configured. To enable an ACL, open Server Admin, click on Sharing and browse to the root of a volume. Click Sharing, and then Volumes, and then List. Next, click the root of an Xsan volume, and then click on the Permissions tab. Check the box for Enable ACLs on 562 APPENDIX A: Xsan Security selected volume. Next, configure the permissions that should be in the ACL box, and then click the Save button. Data that is written to the Xsan volume will now have the permissions of the folder above it, provided the ACEs are set to inherit permissions (see Chapter 4). ACL entries can easily be added using Server Admin. This can be much easier than using the default umask. Quotas Quotas are also an important part of Xsan. A quota is the amount of space a user can utilize on the SAN. As an administrator, you can set hard and soft quotas for every user on the Xsan. A soft quota lets the user continue to save files when they pass their quota, but they will be warned that they are over their limit. When they reach the hard quota, they will not be able to save any more data until the administrator of the SAN gives them more space, or they delete some files. When users near their quotas, they will be alerted. Other SAN Solutions Xsan is a fast and fairly straightforward SAN product. It does not provide any capability for backup or snapshots, it is not as fault tolerant as it could be, and it is a little too latent for certain applications (such as Pro Tools by Digidesign). Other providers of SAN solutions include EMC, NetApp, and LeftHand Networks (a division of HP). These products can be made to work with the Mac OS X platform, although many do not work without using third-party software.
Recommended publications
  • How to Set up IP Camera by Using a Macintosh Computer

    How to Set up IP Camera by Using a Macintosh Computer

    EDIMAX COMPUTER INC. Edimax IP Camera series How to set up IP Camera by using a Macintosh computer 2011 Edimax Computer 3350 Scott Blvd., Building #15 Santa Clara, California 95054, USA Phone 408-496-1105 • Fax 408-980-1530 www.edimax.us How to setup Edimax IP Camera by a Macintosh computer Introduction The most important thing to setup IP Camera is to assign a static IP address so the camera can work with your network. So far the Edimax IP Cam Admin utility is Windows based only and the program can not work for Macintosh computers. Macintosh users can follow this guide to set up Edimax IP camera. Step 1. Understand the IP address used in your network. Have your Macintosh computer operate as usual. Go into System Preferences. In System Preferences, Go to Network. Select the adapter you are using. It could be an Airport card, a third- party Wireless card, or an Ethernet Adapter. Write down the IP address, subnet mask, Router, and DNS server address. We have a usb wireless card in this example. Its IP address 10.0.1.2 told us that the IP addresses used in the network are 10.0.1.x. All the devices in the network have the first three octets the same, but the last octet number must be different. We decide to give our new camera an IP address 10.0.1.100 because no other computer device use 10.0.1.100. We temporarily disconnect the wireless adapter. You can turn off your Airport adapter if you use it to get on Internet.
  • Linkedin Corporation Not Just Your Ordinary Network

    Linkedin Corporation Not Just Your Ordinary Network

    LinkedIn Corporation Not Just Your Ordinary Network Hardware In the business world, relationships matter, and no company understands this better • Xserve than LinkedIn. Cofounders Reid Hoffman and Jean-Luc Vaillant created the premier • Xsan professional social network to help people open doors to opportunities using the • Mac Pro business relationships they have already established. LinkedIn’s secret is the six- • MacBook degrees-of-separation philosophy, which helps people connect to a broader network, • MacBook Air find each other, and be found. The approach is clearly working. Today, LinkedIn is an • MacBook Pro online network of more than 40 million experienced professionals around the world, • Mac mini representing 150 industries. • iPhone • iPod 99 percent Java, 100 percent Mac • Apple Cinema Display A no-nonsense site with little visual fluff and few distractions, LinkedIn provides the perfect venue for busy professionals who have little time to spare. Behind the scenes, a team of talented engineers and software developers work to keep the site stream- Software lined, responsive, and as useful as possible. To equip technical staff with a powerful • Mac OS X Leopard development environment and the high-performance hardware necessary to write, • Mac OS X Leopard Server debug, and deploy code efficiently, LinkedIn has a standard policy: All development • Apple Remote Desktop is 99 percent Java and 100 percent Mac. • iChat • QuickTime Streaming Server Every new engineer who joins LinkedIn automatically receives a new Mac Pro with • QuickTime Broadcast Server dual quad-core “Nehalem” CPUs and 12GB of RAM, as well as a MacBook. The only • JAMF Casper Suite tough decision: engineers must choose between two 23-inch Apple Cinema Displays • Microsoft Office or one 30-inch Apple Cinema HD Display.
  • Filenet Image Services Installation and Configuration Procedures

    Filenet Image Services Installation and Configuration Procedures

    IBM FileNet Image Services 4.1.2 Installation and Configuration Procedures SC19-2680-01 IBM FileNet Image Services 4.1.2 Installation and Configuration Procedures SC19-2680-01 Note Before using this information and the product it supports, read the information in .“Notices” on page 273 This edition applies to version 4.1.2 of IBM FileNet Image Services (product number 5724-R95) and to all subsequent releases and modifications until otherwise indicated in new editions. © Copyright International Business Machines Corporation 1984, 2008. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Table of Contents About this document. 15 Revision Log . 15 Typographical Conventions. 16 Accessing IBM FileNet documentation . 16 Feedback . 17 Documentation feedback . 17 Product consumability feedback. 17 Installation Checklists and Required Skills. 18 Installation Checklist for AIX Servers . 18 Installation Checklist for HP-UX Servers. 20 Installation Checklist for Solaris Servers. 21 Installation Checklist for Windows Servers. 22 Required Skills . 23 Installation Planning Considerations. 24 Hardware Requirements . 24 Server Memory . 24 Total Swap Space . 24 Total Disk Space . 25 Multicultural support . 25 Additional Requirements for AIX . 26 Additional Requirements for HP-UX . 26 Additional Requirements for Solaris . 28 Additional Requirements for Windows Server . 28 Software Requirements. 29 Server Naming Convention . 29 Object Name . 29 Domain Name . 29 Organization Name . 29 Image Services software image . 29 RDBMS software . 30 IBM DB2 RDBMS Software . 30 Oracle RDBMS Software (FileNet-controlled) . 30 Oracle RDBMS Software (Site-controlled) . 30 MS-SQL RDBMS Software . 30 Debugging Software . 30 Debugger - AIX . 30 Debugger - HP-UX .
  • Automator Workflow Techniques 3/4/09 8:51 AM

    Automator Workflow Techniques 3/4/09 8:51 AM

    Apple - Pro - Techniques - Automator Workflow Techniques 3/4/09 8:51 AM Search Profiles Techniques Pro Tips Resources Automator Workflow Techniques Uploading Aperture Image Previews to Automator Workflow Techniques an FTP Server Creating a Folder Watching Workflow By Ben Waldie Creating a Scheduled Automator Workflow Export presets in Aperture make it easy to quickly export preview versions of selected images in your photo library. But wouldn’t it be great to automatically rename those images and send them to your FTP server at the Individually Processing Files Through an Automator Workflow same time? With Automator, you can. Uploading Aperture Image Previews to an FTP Server The following steps will walk you through the process of creating an Automator workflow that will export selected aperture images as previews, rename them sequentially with the current date, and upload them to your FTP server. Creating a Photo Slideshow DVD This particular workflow uses the popular FTP/SFTP application Fetch to perform the upload process. Creating an iWeb Photo Preview Page Automator support was introduced with Fetch version 5.1, so you will need to make sure that you have Fetch 5.1 or higher installed to use this workflow. A demonstration version of Fetch is available from the Fetch Softworks website. Downloads and Useful Links Step 1: Create a folder named Web Images on the Step 9: Locate and select the Rename Finder Items desktop. action in the Finder category, and drag it into the Download the workflow described here workflow area. Choose Make Sequential from the Learn more about Automator Step 2: Launch Automator, located in the popup at the top of the action.
  • Mac OS X Server Administrator's Guide

    Mac OS X Server Administrator's Guide

    034-9285.S4AdminPDF 6/27/02 2:07 PM Page 1 Mac OS X Server Administrator’s Guide K Apple Computer, Inc. © 2002 Apple Computer, Inc. All rights reserved. Under the copyright laws, this publication may not be copied, in whole or in part, without the written consent of Apple. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AppleScript, AppleShare, AppleTalk, ColorSync, FireWire, Keychain, Mac, Macintosh, Power Macintosh, QuickTime, Sherlock, and WebObjects are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. AirPort, Extensions Manager, Finder, iMac, and Power Mac are trademarks of Apple Computer, Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Netscape Navigator is a trademark of Netscape Communications Corporation. RealAudio is a trademark of Progressive Networks, Inc. © 1995–2001 The Apache Group. All rights reserved. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. 062-9285/7-26-02 LL9285.Book Page 3 Tuesday, June 25, 2002 3:59 PM Contents Preface How to Use This Guide 39 What’s Included
  • Trend Micro Security (For Mac) 3.0 Administrator's Guide

    Trend Micro Security (For Mac) 3.0 Administrator's Guide

    Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files, release notes, and the latest version of the applicable user documentation, which are available from the Trend Micro website at: http://docs.trendmicro.com/en-us/enterprise/trend-micro-security-(for-mac).aspx Trend Micro, the Trend Micro t-ball logo, OfficeScan, Worry-Free and TrendLabs are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. Copyright © 2017 Trend Micro Incorporated. All rights reserved. Document Part No.: TSEM37299/160114 Release Date: February 2017 The user documentation for Trend Micro Security (for Mac) introduces the main features of the software and installation instructions for your production environment. Read through it before installing or using the software. Detailed information about how to use specific features within the software are available in the online help file and the online Knowledge Base at Trend Micro’s website. Trend Micro always seeks to improve its documentation. If you have questions, comments, or suggestions about this or any Trend Micro document, please contact us at [email protected]. Please evaluate this documentation on the following site: http://www.trendmicro.com/download/documentation/rating.asp Table of Contents Preface Preface ..............................................................................................................
  • Tinkertool System 7 Reference Manual Ii

    Tinkertool System 7 Reference Manual Ii

    Documentation 0642-1075/2 TinkerTool System 7 Reference Manual ii Version 7.5, August 24, 2021. US-English edition. MBS Documentation 0642-1075/2 © Copyright 2003 – 2021 by Marcel Bresink Software-Systeme Marcel Bresink Software-Systeme Ringstr. 21 56630 Kretz Germany All rights reserved. No part of this publication may be redistributed, translated in other languages, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, without the prior written permission of the publisher. This publication may contain examples of data used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. This publication could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. The publisher may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Make sure that you are using the correct edition of the publication for the level of the product. The version number can be found at the top of this page. Apple, macOS, iCloud, and FireWire are registered trademarks of Apple Inc. Intel is a registered trademark of Intel Corporation. UNIX is a registered trademark of The Open Group. Broadcom is a registered trademark of Broadcom, Inc. Amazon Web Services is a registered trademark of Amazon.com, Inc.
  • Chapter 1. Origins of Mac OS X

    Chapter 1. Origins of Mac OS X

    1 Chapter 1. Origins of Mac OS X "Most ideas come from previous ideas." Alan Curtis Kay The Mac OS X operating system represents a rather successful coming together of paradigms, ideologies, and technologies that have often resisted each other in the past. A good example is the cordial relationship that exists between the command-line and graphical interfaces in Mac OS X. The system is a result of the trials and tribulations of Apple and NeXT, as well as their user and developer communities. Mac OS X exemplifies how a capable system can result from the direct or indirect efforts of corporations, academic and research communities, the Open Source and Free Software movements, and, of course, individuals. Apple has been around since 1976, and many accounts of its history have been told. If the story of Apple as a company is fascinating, so is the technical history of Apple's operating systems. In this chapter,[1] we will trace the history of Mac OS X, discussing several technologies whose confluence eventually led to the modern-day Apple operating system. [1] This book's accompanying web site (www.osxbook.com) provides a more detailed technical history of all of Apple's operating systems. 1 2 2 1 1.1. Apple's Quest for the[2] Operating System [2] Whereas the word "the" is used here to designate prominence and desirability, it is an interesting coincidence that "THE" was the name of a multiprogramming system described by Edsger W. Dijkstra in a 1968 paper. It was March 1988. The Macintosh had been around for four years.
  • Stornext 4.0 CLI Reference Guide

    Stornext 4.0 CLI Reference Guide

    Quantum StorNext 4.0 CLI Reference Guide Introduction 5 Viewing man Pages 5 File System Commands 6 cvadmin . 6 cvaffinity . 10 cvcp . 11 cvfsck . 13 cvfsid. 14 cvlabel. 15 cvmkdir . 17 cvmkfile. 17 cvmkfs. 18 cvupdatefs . 19 cvversions . 20 Storage Manager Commands 20 fsaddclass . 22 fsaddrelation. 25 fschdiat . 26 fschfiat . 27 fschmedstate. 28 fschstate . 29 fsclassinfo . 29 fsclassrnm . 30 fsclean. 30 fsdirclass . 31 Document 6-01688-09 Rev A, March 2010 Quantum StorNext 4.0 CLI Reference Guide Document 6-01688-09 Rev A March 2010 fsdrvclean . 32 fsfilecopy. 32 fsfileinfo . 33 fsmedcopy . 34 fsmedinfo . 35 fsmedlist . 36 fsmodclass . 37 fspolicy . 39 fsqueue . 41 fsrecover . 41 fsretrieve . 43 fsrmcopy . 44 fsrmdiskcopy. 44 fsrminfo . 45 fsschedlock . 46 fsschedule . 47 fsstate . 48 fsstore. 49 fsusedspace. 50 fsversion . 50 snbackup. 51 snbkpreport . 51 sndpscfg . 52 snpolicy. 53 snrestore . 53 vsarchiveqry . 54 vsdriveqry . 55 vsdrivevary . 56 vsmedclassqry . 57 vsmedqry . 58 vspoolcfg . 59 vspoolqry . 60 vsreclassify . 61 Contacting Quantum 62 2 Contents Quantum StorNext 4.0 CLI Reference Guide Document 6-01688-09 Rev A March 2010 Made in the USA. Quantum Corporation provides this publication “as is” without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability or fitness for a particular purpose. Quantum Corporation may revise this publication from time to time without notice. COPYRIGHT STATEMENT © 2010 Quantum Corporation. All rights reserved. Your right to copy this manual is limited by copyright law. Making copies or adaptations without prior written authorization of Quantum Corporation is prohibited by law and constitutes a punishable violation of the law.
  • Well Known TCP and UDP Ports Used by Apple Software Products

    Well Known TCP and UDP Ports Used by Apple Software Products

    Well known TCP and UDP ports used by Apple Languages English software products Symptoms Learn more about TCP and UDP ports used by Apple products, such as OS X, OS X Server, Apple Remote Desktop, and iCloud. Many of these are referred to as "well known" industry standard ports. Resolution About this table The Service or Protocol Name column lists services registered with the Internet Assigned Numbers Authority (http://www.iana.org/), except where noted as "unregistered use." The names of Apple products that use these services or protocols appear in the Used By/Additional Information column. The RFC column lists the number of the Request For Comment document that defines the particular service or protocol, which may be used for reference. RFC documents are maintained by RFC Editor (http://www.rfc- editor.org/). If multiple RFCs define a protocol, there may only be one listed here. This article is updated periodically and contains information that is available at time of publication. This document is intended as a quick reference and should not be regarded as comprehensive. Apple products listed in the table are the most commonly used examples, not a comprehensive list. For more information, review the Notes below the table. Tip: Some services may use two or more ports. It is recommend that once you've found an instance of a product in this list, search on the name (Command-F) and then repeat (Command-G) to locate all occurrences of the product. For example, VPN service may use up to four diferent ports: 500, 1701, 1723, and 4500.
  • HP Storageworks Clustered File System Command Line Reference

    HP Storageworks Clustered File System Command Line Reference

    HP StorageWorks Clustered File System 3.0 Command Line reference guide *392372-001* *392372–001* Part number: 392372–001 First edition: May 2005 Legal and notice information © Copyright 1999-2005 PolyServe, Inc. Portions © 2005 Hewlett-Packard Development Company, L.P. Neither PolyServe, Inc. nor Hewlett-Packard Company makes any warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Neither PolyServe nor Hewlett-Packard shall be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material. This document contains proprietary information, which is protected by copyright. No part of this document may be photocopied, reproduced, or translated into another language without the prior written consent of Hewlett-Packard. The information is provided “as is” without warranty of any kind and is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Neither PolyServe nor HP shall be liable for technical or editorial errors or omissions contained herein. The software this document describes is PolyServe confidential and proprietary. PolyServe and the PolyServe logo are trademarks of PolyServe, Inc. PolyServe Matrix Server contains software covered by the following copyrights and subject to the licenses included in the file thirdpartylicense.pdf, which is included in the PolyServe Matrix Server distribution. Copyright © 1999-2004, The Apache Software Foundation. Copyright © 1992, 1993 Simmule Turner and Rich Salz.
  • Installation Guide

    Installation Guide

    Installation Guide StorNext and StorNext FX 4.7.x 6-67950-01 Rev D *6-67950-01 D* StorNext and StorNext FX 4.7.x Installation Guide, 6-67950-01 Rev D, January 2016, Product of USA. Quantum Corporation provides this publication “as is” without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability or fitness for a particular purpose. Quantum Corporation may revise this publication from time to time without notice. COPYRIGHT STATEMENT © 2016 Quantum Corporation. All rights reserved. Your right to copy this manual is limited by copyright law. Making copies or adaptations without prior written authorization of Quantum Corporation is prohibited by law and constitutes a punishable violation of the law. TRADEMARK STATEMENT Quantum, the Quantum logo, DLT, DLTtape, the DLTtape logo, Scalar, StorNext, the DLT logo, DXi, GoVault, SDLT, StorageCare, Super DLTtape, and SuperLoader are registered trademarks of Quantum Corporation in the U.S. and other countries. Protected by Pending and Issued U.S. and Foreign Patents, including U.S. Patent No. 5,990,810. LTO and Ultrium are trademarks of HP, IBM, and Quantum in the U.S. and other countries. All other trademarks are the property of their respective companies. Specifications are subject to change without notice. StorNext utilizes open-source and third-party software. An enumeration of these open-source and third-party modules, as well as their associated licenses/attributions, can be viewed at www.quantum.com/opensource. Further inquiries can be sent to [email protected]. ii Contents Preface xvii DVD Directories.