Table of Contents
Advertisement
Replication
Traditional replication
consideration
Impact on
iSCSI initiators must be reconfigured to
Applications
connect to the secondary group after the
failover, or an alternate set of host
resources must be brought online, both of
which may cause application disruptions.
If you are using the Host Integration Tools,
you can coordinate replication with host
software to quiesce applications on a
schedule and create application consistent
Smart Copies.
Replication can help protect against the
corruption of application data: depending
on when the replica occurred and what
your replica retention policies are, you may
be able to restore the volume to a point in
time before the corruption occurred.
PS Series Group
Two PS Series groups, each of which must
Requirements
contain at least one member.
6.3
Protecting your EqualLogic group with Internet Protocol
Security
Internet Protocol Security (IPsec) is a set of standardized protocols designed to allow systems on IP-
based networks to verify each other's identities and create secured communication links. IPsec uses
cryptographic security mechanisms for authentication and protection. IPsec validates the identity of
devices communicating over IP-based networks, encrypts all data passing between participating
systems, and protects against disclosure, modification, eavesdropping, and attack. IPsec is supported
for both IPv4 and IPv6 networks.
In the context of an iSCSI SAN that uses EqualLogic PS Series storage arrays, IPsec secures
communications between group member arrays and also between iSCSI initiators and the group. You
can use policies to configure your IPsec implementation to protect iSCSI traffic based on initiator IP
address, initiators in a specific subnet, or network protocol. IPsec authentication is handled using
certificates or pre-shared keys.
IPsec is supported only for PS Series array models PS6xxx, PS41x0, and PS-M4110, and can only be
enabled for a group if all members support IPsec. See the Dell EqualLogic PS Series Storage Arrays
Release Notes for more information.
6.3.1
Types of protected traffic
The types of traffic protected by IPsec are shown in Figure 18 and the sections that follow. Any
incoming or outgoing IP traffic that travels between hosts and the group can be protected with IPsec.
March 2013
Dell EqualLogic Configuration Guide v14.1
SyncRep
Pool switches may cause disruptions
in host access to the volume, but no
change to the iSCSI initiator
configuration is required to restore
access.
Writes must be committed to both
pools before they are acknowledged
to the host, so the application must
be able to tolerate whatever
additional delay is caused by the
simultaneous writes.
When SyncRep is first enabled, or at
any other time when the volume is
writing data to both pools to become
in sync, performance degradation
may occur. This effect is diminished
after the volume becomes in sync.
One PS Series group containing two
storage pools, each of which must
contain at least one member.
6-56
Hide quick links:
Advertisement
Table of Contents
