M55341A

Module 3
Implementing enterprise
storage solutions
 Overview of DAS, NAS, and SANs
Comparing Fibre Channel, iSCSI, and Fibre Channel over
Ethernet
Module
Overview Understanding iSNS, DCB
• Configuring sharing in Windows Server
• Securing Files and Folders
• Protecting Shared Files and Folders by Using Shadow
Copies
Lesson 1: Overview of DAS, NAS, and SANs

Discussion: Which storage solutions are deployed in your environment?

What is DAS?
What is NAS?
What is a SAN?
Comparison and scenarios for usage
• Block-level storage vs. file-level storage
Discussion:
Which storage
solutions are Which storage solutions does your organization
deployed in use?
your
environment? What benefits do those storage solutions offer?
What is DAS?

DAS is physically attached to the server

Advantages:

• Easy to configure
• Inexpensive solution

Disadvantages:

• Isolated, because the disks are attached to

a single server
• Less flexible for allocation Server with attached disks
What is NAS?
NAS is storage that is attached to a dedicated storage device and
accessed through network shares
Advantages:

• Relatively inexpensive, NAS offers

centralized storage at an affordable price
• Easy to configure

Disadvantages:

• Slower access times

• Not an enterprise solution
What is a SAN?

SANs offers higher availability with the most flexibility

Advantages:

• Fastest access times

• Easily expandable
• Centralized storage
• High level of redundancy

Disadvantages:

• More expensive
• Requires specialized skills

Implement SANs by using Fibre Channel or iSCSI

Comparison and scenarios for usage
• DAS:
• Least complex
• Lowest setup costs
• NAS:
• Best solution for specific situations
• Complementary to DAS and SAN
• SAN:
• Highest performing
• Has the most features
• Future trends:
• Windows Server storage features are expanding to improve capabilities when using DAS such as Storage
Spaces and Storage Spaces Direct
Block-level storage vs. file-level storage

Block-level storage:
• Is high-performing
• Is often SAN-based
• Presents LUNs to servers
• Is not the most cost-effective

File-level storage:
• Is delivered via NAS, a storage server, or a file server
• Uses CIFS/SMB (shared folders) or NFS (exports)
• Uses block-level storage on the storage backend
Lesson 2: Comparing Fibre Channel, iSCSI, and
Fibre Channel over Ethernet

What is Fibre Channel?

Considerations for implementing Fibre Channel
What is iSCSI?
iSCSI components
Considerations for implementing iSCSI
Core storage components
• Demonstration: Configuring an iSCSI target
What is Fibre Channel?
Fibre Channel components
include:
• A SAN
• A computer with an HBA card
• A Fibre Channel switch

Fibre Channel over Ethernet:

• Gives you the benefits of Fibre Channel
while using an inexpensive, preexisting
Ethernet infrastructure

Fibre Channel layouts include:

• Arbitrated loop
• Point-to-point
• Switched fabric
Considerations for implementing Fibre Channel
Infrastructure considerations:
• Existing switch and cabling infrastructure
• Existing servers and HBAs
• Existing storage infrastructure

Costs
• Fibre Channel is often more expensive than other solutions
• Large initial investment required
• Initial and ongoing training might add considerably to the cost
What is iSCSI?
iSCSI transmits SCSI commands over IP networks

Component Description
IP network Network that provides high performance and
redundancy

iSCSI targets Servers that run on the storage device and enable
access to the disks

iSCSI Software component or host adapter on the server

initiators that provides access to iSCSI targets

iSCSI IQN Globally unique identifier that iSCSI uses to address

initiators and targets on an iSCSI network
iSCSI components

The iSCSI Target Server: The iSCSI initiator:

• Is available as a role service in Windows Server • Runs as a service in the operating system
• Provides the following functionality: • Is installed by default on Windows Vista and
• Network or diskless boot Windows Server 2008 and newer operating
systems
• Server application storage
• Requires only to be started and configured to
• Heterogeneous storage connect the computer to the iSCSI target
• Lab environments
• Has the following features:
• Authentication
• Query initiator computer for ID
• Virtual hard drives
• Scalability
• Manageability
Considerations for implementing iSCSI
The primary factors to consider when planning on using iSCSI are:
• Network speeds and performance
• High availability
• Security
• Vendor information
• Infrastructure staff
• Application teams

Alternative solutions to iSCSI are Fibre Channel, Fibre Channel over Ethernet,
and InfiniBand
Core storage components

• Network adapters are usually used on Ethernet networks

• HBAs are usually used on storage networks such as SAN
• Converged network adapters can be used on Ethernet networks or SANs
• InfiniBand host channel adapters are used on InfiniBand networks
• Disk controllers facilitate communication between disk drives and a CPU
Demonstration: Configuring an iSCSI target
In this demonstration, you will see how to:

• Add the iSCSI Target Server role service

• Create two iSCSI virtual disks and an iSCSI target
• Connect to the iSCSI target
• Verify the presence of the iSCSI drive
Lesson 4: Configuring sharing in Windows Server

What is SMB?
Configuring SMB shares
Demonstration: Configuring SMB shares by using Server Manager and Windows PowerShell
What is NFS?
Configuring NFS shares
• Demonstration: Configuring an NFS share by using Server Manager
What is SMB?
• SMB is the file-sharing protocol that Windows client and server operating systems use
• Each new version has additional features
• SMB 3.0 introduced large performance benefits
• SMB 3.0.2 added:
• Scale-Out File Server
• Removable SMB 1.x
• SMB 3.1.1 added:
• Pre-authentication integrity
• SMB encryption improvements
• Cluster dialect fencing
Configuring SMB shares
• There are three SMB share profiles:
• Quick
• Advanced
• Applications

• Windows PowerShell cmdlets for SMB share management:

• New-SmbShare
• Set-SmbShare
• Remove-SmbShare
• Get-SmbShare
• Get-SmbSession
• Get-SmbOpenFile
Demonstration: Configuring SMB shares by
using Server Manager and Windows
PowerShell

In this demonstration, you will see how to:

• Create an SMB share by using Server Manager

• Create an SMB share by using Windows PowerShell
• View SMB session information
What is NFS?
• NFS is a file system based on open standards
• Current version is 4.1
• Windows NFS components include:
• Client for NFS
• Server for NFS
• Support for Kerberos v5 authentication
• The primary uses for NFS are:
• Storage for VMware virtual machines
• Sharing data across multiple operating systems
• Sharing data across different IT infrastructures after a company merger
Configuring NFS shares
• Install the Server for NFS server role
• Two options for NFS share profile:
• NFS Share – Quick
• NFS Share – Advanced

• Authentication options:
• Kerberos v5 authentication
• No server authentication

• Share permissions define allowed and denied hosts

• Follow best practices
Demonstration: Configuring an NFS share
by using Server Manager

In this demonstration, you will see how to configure an NFS share by using Server
Manager
Lab A: Planning and configuring storage technologies and components
Lab scenario
You are a Storage Administrator in Adatum Corporation, and part of your job is to ensure that your
data storage systems meet both short-term and long-term business needs that evolve regularly.

Objectives

Exercise 1: Exercise 2: Exercise 3:

Planning storage Configuring iSCSI Configuring and
requirements storage managing the share
infrastructure
 Implementing MPIO for iSCSI is not as simple as installing
MPIO. In this lab, what other steps did you perform to enable
Lab Review MPIO?

When you use Get-SmbOpenFile, do all open files display?

Lesson 5: Securing Files and Folders

What Are File Permissions?

What Are Shared Folders?
Permissions Inheritance
Effective Permissions
What Is Access-Based Enumeration?
What Is the Offline Files Feature?
• Demonstration: Creating and Configuring a Shared Folder
What Are File Permissions?

File permissions control access for files and folders on NTFS or ReFS formatted storage volumes

• File Permissions:
• Are configured for files or folders
• Can be granted or denied
• Are inherited from parent folders

Permissions conflict precedence:

1. Explicitly assigned Deny
2. Explicitly assigned Allow
3. Inherited Deny
4. Inherited Allow
What Are Shared Folders?

• Shared folders grant network access to their contents

• Folders can be shared, but individual files cannot
• Shared folders can be hidden by creating a share with a $ at the end of the share name
• Accessing a shared folder using the UNC path:
• \\LON-SVR1\Sales (standard share)
• \\LON-SVR1\Sales$ (hidden share)
• Administrative shares are hidden shares that allow administrators access to the root of every
volume and special system folders, such as the operating system folder
Permissions Inheritance

• Inheritance is used to manage access to resources without explicitly assigning permissions to

each object
• By default, permissions are inherited in a parent/child relationship
• Blocking inheritance:
• You can block permission inheritance
• You can apply blocking at the file or folder level
• You can set blocking on a folder to propagate the new permissions to child objects
Effective Permissions

• When combining file system and shared folder permissions, the most restrictive
permission is applied
• Example: If a user or group has the shared folder permission of Read and the file
system permission of Write, the user or group will only be able to read the files in the
folder because it is the more restrictive permission

• The user must have both file system and shared folder permissions, otherwise
the user will be denied access to the resource
What Is Access-Based Enumeration?

• Access-based enumeration allows an administrator to control the

visibility of shared folders according to the permissions set on the
shared folder

• Access Based Enumeration is:

• Built into Windows Server
• Available for shared folders
• Configurable on a per shared folder basis
Demonstration: Creating and Configuring a
Shared Folder

In this demonstration, you will see how to:

• Create a shared folder

• Assign permissions for the shared folder
• Configure access-based enumeration
Lesson 6: Protecting Shared Files and Folders by
Using Shadow Copies

What Are Shadow Copies?

Considerations for Scheduling Shadow Copies
Restoring Data from a Shadow Copy
• Demonstration: Restoring Data from a Shadow Copy
What Are Shadow Copies?

• Allow access to previous versions of files

• Are based on tracking disk changes
• Disk space is allocated on the same volume
• When the space is full, older shadow copies are removed
• Are not a replacement for backups
• Are not suitable for recovering databases
Considerations for Scheduling Shadow Copies
Create a shadow
copy schedule
Default schedule is 7:00 A.M. and noon based on:
• Capacity of
server
• Frequency of
changes
• Importance of
changes
Restoring Data from a Shadow Copy

• Previous versions are accessible from the Properties dialog box of a file or folder
• Administrators can restore previous versions
directly on the server
• Users can restore previous versions over the network
• All users can:
• Restore a file or folder
• Browse previous versions to select the correct one
• Copy a file or folder to an alternate location
Demonstration: Restoring Data from a
Shadow Copy
In this demonstration, you will see how to:

• Configure shadow copies

• Create a new file
• Create a shadow copy
• Modify the file
• Restore the previous version
Lab B: Implementing File and Print Services
Lab scenario
You are a Storage Administrator in Adatum Corporation, your manager has recently asked you to
configure file and print services for the branch office. This requires you to configure a new shared
folder that will have subfolders for multiple departments, configure shadow copies on the file servers.

Objectives

Exercise 1: Exercise 2:
Creating and Configuring Shadow
Configuring a File Copies
Share
 How does implementing access-based enumeration benefit the
users of the Data shared folder in this lab?
Lab Review
Is there another way you could recover the file in the shadow
copy exercise? What benefit do shadow copies provide in
comparison?
 Review Questions
Module Review
and Takeaways Tools
• Common Issues and Troubleshooting Tips
End of presentation