NetWorker Blog

Commentary from a long term NetWorker consultant and Backup Theorist

  • This blog has moved!

    This blog has now moved to nsrd.info/blog. Please jump across to the new site for the latest articles (and all old archived articles).

  •  


     


     

  • Enterprise Systems Backup and Recovery

    If you find this blog interesting, and either have an interest in or work in data protection/backup and recovery environments, you should check out my book, Enterprise Systems Backup and Recovery: A Corporate Insurance Policy. Designed for system administrators and managers alike, it focuses on features, policies, procedures and the human element to ensuring that your company has a suitable and working backup system rather than just a bunch of copies made by unrelated software, hardware and processes.

Posts Tagged ‘audit’

Introducing the Support and Services page

Posted by Preston on 2009-12-17

Regular visitors may note that there’s a new addition to the pages on this blog – one covering Support and Services.

I run this blog in my own time (probably using up a little too much of my own time to be quite truthful) and ask for no payment or reimbursement from my readers – well, other than an occasional pitch for people to buy my book, that is.

My day job however is a consultancy and support role at IDATA Resolutions, and the Support and Services page outlines some of the key things IDATA could do for you, if you happen to be looking for service, support, consulting or training for your environment.

If you’re looking for an independent review of your environment, or considering support options, looking at a new solution or needing some training (whether that’s one-on-one, customised or general), I’d invite you to check out the Support and Services page above to see what IDATA can do for you.

Posted in Aside | Tagged: , , , , , , , , , , | Comments Off on Introducing the Support and Services page

Are you Monitoring RAP?

Posted by Preston on 2009-07-03

Introduced in NetWorker v7 was a feature called “Monitor RAP”. There’s two unfortunate aspects to this setting in the NetWorker server resource (“NSR”):

  • It is not enabled by default;
  • The setting name obfuscates the purpose of the setting for most users.

Personally, I would have preferred when this option was made available that it was called “Audit Changes”, and that it was enabled by default.

In the NetWorker management console, with diagnostic mode enabled, this option is available in the first tab of the NetWorker server properties:

Monitor RAP setting

Monitor RAP setting

With this setting enabled, NetWorker maintains a new log, rap.log, within the logs directory. This tracks changes that are made to the NetWorker configuration, as they are made.

Here’s an example:

06/30/2009 06:49:19 PM MONITOR_RAP: preston@archon CHANGED 'NSR group'
resource, Staging Development:
 autostart: Enabled;
 autostart: Disabled;

This tells us that at 18:49:19 on 30 June 2009, user ‘preston’ on host ‘archon’ changed the group ‘Staging Development’, changing ‘autostart’ from ‘Enabled’ to ‘Disabled’.

This means that from the NetWorker level*, you can easily keep track of who does what to the NetWorker configuration. Interestingly, you can also use this information to also track self-changes to the system – i.e., where NetWorker updates its own configuration. As an example, if you use a license manager, then whenever NetWorker updates/checks its licenses against the license server, you’ll get entries in the logs such as:

06/30/2009 05:10:00 PM MONITOR_RAP: root@nox CHANGED 'NSR license' resource,
Autochanger Module, 40 slots/40:
 checksum: \
"'j&P_-QFc]]D~GIQ\\_[q-jMFx;ajW%U~\\1^UvCm`dJEwg/
T#XGMpaVYet\\l]M\\w\\{QQ\\\\\
WuR]\"Ax*@^XX'[ZAG388M)I6fvztWrC9q\"G3PeML!wl
{P6L0]JU9a9[{WYZ";
 checksum: \
"Z$EP_Jts]gYNZV_ATn]AZSxcTorL#f2(\"8/PTcIYec}K+}
e_GGsJ$6IC)QLTz\\_aS?[|lc^\\Z\
rN9}A~L@}?b^Vlud-e:SD+Js<U]T!eXR\"y/,bQHO
0_CShOlw?U1h\\g?";

Using the Monitor RAP setting allows you to easily monitor changes to the NetWorker configuration, and I believe that every NetWorker site should always have this setting enabled.


* Auditing is also available within NMC. For maximum auditing, I always recommend that both options be used.

Posted in NetWorker, Security | Tagged: , , | Comments Off on Are you Monitoring RAP?

Audit is not a 4-letter word

Posted by Preston on 2009-02-20

As a system administrator, I loathed being audited. Not because I feared that it would expose holes in the security or policies of my systems, but rather because for the most part, auditing was usually conducted by incompetant staff at big name auditing/taxation companies. Now, I have no doubt that when it comes to their original auditing domains, namely taxation and accounting, such companies do usually offer excellent services.

For the most part though I’ve found that for anything outside of absolute basic system administration reviews, such companies offer poor feedback that’s often erroneous to the point of being farcical. (For example, having a password field of ‘x’ in /etc/passwd pointed out as being “insecure” having failed to note the use of shadow password files…)

So, having undoubtedly just annoyed quite a few people, I’ll go on to explain why auditing shouldn’t be a terrible experience if you’re in the storage and data protection domain. More importantly, I’ll explain how auditing can be changed from an unpleasant experience where it’s necessary to explain to management they wasted their money, to one where you, and your company, get value out of it.

The best auditing is conducted by experts in the field. Not the field of auditing, but the field of what you want audited. So, in order to get a decent and useful audit of your storage and data protection systems, you need to follow these rules:

  1. It should be done from someone outside your company.
  2. It should be done by someone who won’t be assigned any work as a result of the audit.
  3. It should be done by someone with creditionals (e.g., registered partners of companies, or like-companies for the products you’re using).

This isn’t to say that whomever does the audit should never get any further work from your company, but rather, if they make recommendations that you have to buy X, Y and Z to resolve the issues they’ve highlighted, they’re doing it out of honesty because they won’t get to sell them to you.

Moving on, there’s a few more rules you should also follow in order to get a successful audit:

  1. You must assign a champion within your company who has sufficient authority to ensure that the staff conducting the audit get access and feedback they require.
  2. You must provide direction to the auditing company – that is, outline what you need investigated and the structure of the results you want. However, this can be dangerous if mishandled, so most importantly follow the next rule…
  3. You must provide freedom for the auditing company to expand beyond your direction to encompass and point out other issues that you may not have anticipated in your directional statement.

Finally, the audit process should start with a brainstorming/whiteboarding session, and the results should be presented in a similar session.

There’s more to auditing than the above, but if you step away from the ‘regular’ auditing companies that can offer little assistance in storage and data protection, you will actually get a quality result.

Posted in NetWorker, Policies | Tagged: | Comments Off on Audit is not a 4-letter word