跳转到主内容

Varonis Fpolicy最佳实践和建议

Views:
65
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用场景

  • CIFS
  • NFS
  • Varonis
  • FPolicy

问题解答

有哪些与Varonis Fpolicy部署相关的最佳实践和建议?
Varonis的具体建议:

这些建议将根据Varonis指南一起执行、可能需要客户联系Varonis以了解更多详细信息或说明。

NetApp特定建议:
  • 对于Varonis External Engines (Varonis外部发动机),将Send-buffer-size (发送缓冲区大小)设置 为7895160

::*> vserver fpolicy policy external-engine modify -vserver <vserver> -engine-name <engine-name> -send-buffer-size 7895160

  • 要减少延迟的潜在影响、请使用Varonis指南将中止超时设置为较低值、例如:"S。

如果收集器和SVM之间存在大量延迟、则它可以对TCP加密延迟执行发生原因操作、并在极少数情况下对延迟产生潜在影响。

要在收集器出现连接问题或CPU不足的情况下减少最终用户延迟、建议将"Timeout for Aboring a request"(中止请求超时)从40秒降低到5秒。 

 ::*> vserver fpolicy policy external-engine modify -vserver <vserver> -engine-name <engine-name> -reqs-abort-timeout 5s 

请参见以下文档: vserver fpolicy policy外部引擎命令- vserver fpolicy policy外部引擎show

(有关此建议的详细信息、请查看Varonis知识库文章: Fpolicy-Impacts-NetApp-Performer-Lat以及 NetApp CM Monitoring Results in NetApp客户端延迟

 

  • 要减少延迟的潜在影响、请在Varonis的指导下设置fpolicy事件筛选器。

Fpolicy事件筛选器

在正常活动期间、fpolicy可能会出现发生原因延迟。为了最大限度地减少这种情况、我们可以对fpolicy进行筛选、使其不发送我们不监控的事件。建议同时筛选"首次读取"和"首次写入"。

::> vserver fpolicy policy event create -vserver <Vserver Name> -event-name fp_event_varonis_cifs
-file-operations create,create_dir,delete,delete_dir,open,read,write,rename,rename_dir,setattr -protocol cifs
-filters first-read,first-write,open-with-delete-intent

一般建议:
  • 根据 TR-4429《Varonis Datadvantage最佳实践》

    • 查看上述技术报告、了解更多最佳实践、包括:

To avoid performance issues, deactivate FPolicy during the following scenarios:
Note: Activation of an FPolicy can increase the usage of resources on those stores and affect the performance of applications that use them.
• When performing large data migrations from one NetApp storage system to another (large write or modification of files)
• When upgrading your release of ONTAP to a newer version
• When performing a Varonis upgrade (both IDU and probes or collectors)

After performing any of these actions, you can safely activate FPolicy.
Note: Manage VM datastores or SQL Server datastores with FPolicy with caution, because such stores are not accessed by humans and do not host human-generated data

 

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.