w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Mobile Access to Your NetApp
White Paper
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Table of Contents
Introduction 3
The Power of the Cloud Enables Mobile Access to NetApp 3
Zero Effort Security & Reliability 4
Always Support the latest and greatest devices 4
Never Lose Your Data 4
IT Maintains Complete Control 4
Egnyte’s Architecture 4
Egnyte for NetApp – The Bidirectional File Sync Engine 5
AD Kit – The Unidirectional Active Directory Sync Engine 6
The Cloud File Server 6
Multiple Access Methods – Same View, Same Permissions 6
The Power of the Cloud Enables Mobile Access 7
Mobile Apps 7
Traditional PCs 8
Supporting the Latest and Greatest Devices 9
Collaboration & Version Control 9
The Power of the Cloud Enables Multi-Site Synchronization 10
Zero Effort Security & Reliability 10
Security 10
Reliability 11
IT Maintains Complete Control 11
Egynte Powers Your Business 11
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Introduction
2012 marks the beginning of a revolution in the PC industry, where employees are transitioning from using PCs as
their only work device to having three or more different mobile devices for work. Sometimes these three or more
devices do not include a PC. Research from Cisco shows that global mobile data use doubled between 2011 and
2012,i from 92 MB/month to 201 MB/month. Mobile data is much more pronounced in North America at an average
of 752 MB/month, forecasted to grow to 6,171 MB/month in the next 5 years. Cisco sees this traffic originating from
the almost 7 billion mobile devices, and expects the number of mobile devices to grow at an 8% CAGR in the next
5 years.
These data highlight the start of this revolution. As users transition from traditional PCs to many mobile devices,
they are putting additional burdens on IT; you must now provide services across a plethora of devices and software
systems. One of your key concerns is how to provide mobile access to files on NetApp storage systems, while
avoiding the headache and expense of developing their own custom solutions.
And when providing mobile access to NetApp storage systems, you need to ensure security is maintained, to
control who has access and who does not. You’ll also need to continue to provide service to an ever growing
number of different devices with different software versions. Egnyte’s architecture is designed to solve these
problems and provide measureable value to you, your users, and your business.
The Power of the Cloud Enables Mobile Access to NetApp
Egnyte for NetApp synchronizes your NetApp with the cloud. The power of the cloud – always on, always
available, always secure – enables the cloud to become the central repository for your files. Egnyte enables you to
access your NetApp data in the cloud with:
Mobile Devices Traditional PCs Web Browsers
Apple iPhone & iPad
Google Android Phones & Tablets
Microsoft Phones & Tablets
Apple Mac OS X
Microsoft Windows 7, 8
Safari
Internet Explorer
Chrome
Firefox
Opera
Other standard web browsers
Once your users have been authenticated, they see the same directory tree and files – both in the cloud and on
your NetApp. Your users maintain the same authorization level, synchronized to Active Directory/LDAP, regardless
of the access method. Using their mobile devices, users can view and edit files in the cloud, and any changes are
automatically synchronized to the NetApp storage system. Any changes made to files on the NetApp are
automatically synchronized to the cloud, and these changes are quickly made available to your mobile device
users.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Zero Effort Security & Reliability
Egnyte maintains the strictest security regimens, using 256-bit AES encryption to protect your data while in motion
and at rest. All communication between the synchronization engine, the cloud and mobile devices uses the
industry standard HTTPS protocol, eliminating the need for you to implement custom VPN solutions for each mobile
device. Your data is securely stored in at least two geographically dispersed SSAE-16 certified data centers,
ensuring security, reliability and accessibility in the case of disasters.
Always Support the Latest and Greatest Devices
You never have to worry about how to provide access to your NetApp with a new mobile device. You never have to
worry about the effect of a software release or patch. Egnyte’s engineers are constantly updating our mobile apps
to enable the latest features on the latest and greatest devices. We do the work so that you don’t have to.
Never Lose Your Data
Egnyte never overwrites your data; instead, changes to files are saved to new versions in the cloud. The latest
version of the file is always synchronized to your NetApp system. Yet, you can always go to the cloud to retrieve
prior versions and review modification history. The infinite storage of the cloud means you no longer have to
reserve the limited and expensive space on your NetApp for snapshots.
IT Maintains Complete Control
Egnyte provides the IT administrator complete control, providing a rich toolkit for security, auditing and control. The
administrator toolkit allows you to set policies such as data retention on mobile devices, number of versions saved
in the cloud, third party application integration as well as providing the ability to control the appearance and
behavior of the cloud file system. Administrators can audit individual user and group behavior as well as develop
complex reports on the entire system.
Egnyte’s Architecture
Egnyte’s architecture is comprised of a public cloud component, the Egnyte Cloud File Server, and the bidirectional
file sync engine, Egnyte for NetApp that lives behind the firewall. Combined, these two components provide you
with the ability to access your NetApp file server with mobile devices. Once installed, configured, and
synchronized, the Cloud File Server becomes the master repository for all of your files.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Egnyte for NetApp – The Bidirectional File Sync Engine
Egnyte for NetApp is a VMware-based virtual appliance synchronization engine that bi-directionally synchronizes
the file system between your NetApp storage system and the cloud. Egnyte for NetApp can be installed on any
VMware server, and requires minimal resources – 1 CPU and 4 GB of memory. Once installed and configured,
Egnyte for NetApp communicates with your NetApp over a private network channel, using a custom API from
NetApp.
Using this API, Egnyte for NetApp registers with your NetApp to receive event notifications for a specific NetApp
share that you designate. These event notifications allow Egnyte for NetApp to determine file changes – creates,
modifies, or deletes, without having to scan the entire file system. At each synchronization time-point, Egnyte for
NetApp determines all the file changes on the NetApp that have to be synchronized to the Cloud File Server. At the
same time, the Cloud File Server determines which files in the cloud have changed.
Egnyte for NetApp communicates to the Cloud File Server using an outbound HTTPS connection – you do not have
to punch a hole through the firewall. Once the communication channel is established, Egnyte for NetApp
determines file changes from the NetApp and sends those to the cloud. At the same time, your NetApp share is
updated with changes pulled from the cloud.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
In addition to synchronizing files, Egnyte for NetApp synchronizes Active Directory or LDAP user and group
permissions. During the initial import of data into the Cloud File Server, Egnyte for NetApp reads user and group
file permissions and applies those permissions to the cloud. Once the initial import is complete, any changes of
permissions made in the cloud are synchronized to your NetApp storage system.
You are in complete control of both the Cloud File Server as well as which directories are synchronized from the
Cloud to your NetApp storage. The configuration GUI provides a rich set of controls, including the ability to select
all or a subset of the directory tree to synchronize to your NetApp, and controlling the synchronization frequency,
including near-real-time synchronization.
AD Kit – The Unidirectional Active Directory Sync Engine
Egnyte for NetApp communicates directly with your Active Directory or LDAP directory service in order to map your
AD users and groups to users and groups in the cloud. In addition, Egnyte provides the AD Kit, an optional service
that runs on your AD server. The AD Kit communicates directly with the Cloud File Server, synchronizing any user
or group changes directly to the cloud. In addition, the cloud can communicate with the AD Kit, enabling you to
authenticate and authorize users when they directly access the cloud.
The Cloud File Server
Upon completion of the initial import of your data to the cloud, the cloud behaves as the master file server for all of
your shared data. Any changes on your NetApp are synchronized to the cloud, and any changes in the cloud are
synchronized to your NetApp systems.
The cloud presents data to your users in a traditional file system format, completely duplicating the file, directory,
and permission structure of your NetApp share. Regardless of access method, users see the same set of files and
directories, and have the same access rights.
The Cloud File Server has infinite storage space, and grows with you, accommodating rapid changes with ease. In
addition, Egnyte never overwrites your data. All files stored in the cloud are versioned – each new write to a file
creates a new version. All file versions, along with change history, are always available in the cloud, while the
latest version of the file is always synchronized to your NetApp storage.
Multiple Access Methods – Same View, Same Permissions
Egnyte provides your users with multiple methods to access files. Users on mobile devices can use device specific
apps in addition to standard web browsers. Users with laptops can mount the Cloud File Server using the WebDAV
protocol, as well as creating a local copy of the file system and using PLC, Egnyte’s Synchronization app for PC
and Mac to synchronize with the cloud. Inside your firewall, your users continue to mount your NetApp with CIFS,
and continue to leverage the features and performance of NetApp FAS systems with LAN speed.
Regardless of the access method, since your NetApp system is always kept in sync with the Cloud File server, your
users are always presented with the same view of your files. Once a user is authenticated, permissions are always
enforced in a universal and consistent manner. If a user has access to the directory tree “/Shared/Marketing”, that
user has access to that directory, and sees the same set of files and directories regardless of the access method.
Likewise, if a user does not have access to the directory tree “/Shared/HumanResources”, then that user will not be
able to see the directory regardless of the access method.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
The Power of the Cloud Enables Mobile Access
Egnyte for NetApp is a virtual appliance based synchronization engine that bi-directionally synchronizes the file
system between your NetApp storage system and the cloud. This allows you to leverage the power of the cloud –
infinite scalability, always on, always accessible – to enable mobile access to your NetApp storage system.
With your files stored in the Cloud File Server, your users can access the files at any time, with any device, without
needing to punch a hole in the firewall or installing complex and expensive VPN solutions.
Mobile Apps
Egnyte has created device specific apps for Apple, Android and Microsoft mobile devices. Each app requires the
user to provide Account Name, User Name, and password in order to authenticate your users. This information is
transmitted to the cloud via HTTPS; the cloud then authenticates the user, optionally talking to your AD server via
Egnyte’s AD kit.
Once users are authenticated, they app communicates with the cloud via HTTPS, and presents your users with the
same view of the directory tree regardless of which app or any other access method. Permissions are identically
enforced through all mobile apps and any other access method.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Users can download files onto the local storage of the device, as well as share files with other applications and
other users. Files can be shared as attachments as well as by a link. Files can be edited using local programs,
and the changes are then written back to the cloud by Egnyte’s app. You have complete control over your user
behavior, with policy settings to control app enablement and local storage features.
Egnyte has a rich app partner ecosystem with integrations enabling easier editing of files by your users. Partners
include QuickOffice, Office2Plus, Readdle, Good Reader, and Apple’s Keynote, Pages, and Numbers apps for
editing of office documents, as well as PDF and AutoCad application integrations.
Traditional PCs
Users on traditional Mac or Windows PCs can also leverage the power of cloud to gain remote access to your
NetApp Files. PC users (as well as mobile device users) can use standard web browsers to access the files in the
cloud. Files can be downloaded to the local system, modified, and the uploaded through a drag-and-drop interface.
Your users can also mount the Cloud File System using WebDAV. Once mounted, the Cloud File Server appears
as network shared drive on the PC. Users can walk the directory tree, read and write files just as they do with local
storage or with a NetApp CIFS mount.
Egnyte Desktop Sync provides each user with a bi-directional sync engine for data stored on their local hard drive.
Once installed, all files in the Egnyte directory are automatically bi-directionally synchronized with the Cloud File
Server. As with Egnyte for NetApp, users can control which subset of the directory tree is synchronized with the
local PC, as well as synchronization frequency.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Supporting the Latest and Greatest Devices
Egnyte’s engineers are constantly updating our mobile apps to enable the latest features on the latest and greatest
devices. We maintain close relationships with the mobile device vendors, and are kept apprised of upcoming
changes to software and devices. We strive to make our apps available on the latest software and hardware at
each release, so that you never have to worry about the effect of a software release or patch. We do the work so
that you don’t have to.
Collaboration & Version Control
Storing your data in both your NetApp and the cloud enables your users to collaborate, working together on their
files from any location with any device. But collaboration comes with the risk of conflict – what happens when two
people edit the same file and save their changes at the same time.
The power of the cloud allows Egnyte to never overwrite your files in the cloud. Instead, each modification of a file
creates a new version, along with metadata identifying the user, date and time of the modification. In the case
when two people save the file at the same time, a race occurs. The first write to hit the cloud file server becomes
version “A”, and is saved to the cloud. The second write becomes version “B”, and is also saved to the cloud.
Because Egnyte has no knowledge of the contents of the file, Egnyte cannot perform conflict resolution. However,
each user of the file can be notified that the file was modified. When this happens, users can go to the cloud and
view the revision information and work with their partners to resolve any conflicts between the two file versions.
Although the Cloud File Server maintains an infinite number of file revisions, the NetApp file system has no concept
of file versions. Thus, Egnyte for NetApp always maintains the latest version of the file on the NetApp file system.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
The Power of the Cloud Enables Multi-Site Synchronization
With all of your shared files stored in the cloud, the Cloud File Server becomes the central repository for your data.
When you employ multiple NetApp systems at multiple sites, Egnyte for NetApp synchronizes each device to the
cloud. Which also means that each site is kept in sync with all other sites – multi-site synchronization. Regardless
of the site, your users see a single name-space – the same set of files and permissions – and any changes are
automatically synchronized.
Zero Effort Security & Reliability
Egnyte provides you the ability to access your NetApp files from anywhere with any device at any time while
maintaining your complete confidence that your files are both secure and available in the case of a disaster.
Security
Egnyte understands that security is your number-one concern when adopting new technologies. To address your
concern, Egnyte provides a comprehensive end-to-end secure solution, with focus on the 5 separate aspects of
security – physical, network, transmission, access and data security.
Egnyte ensures physical security by maintaining your data in SSAE-16 compliant colocation facilities. To safeguard
the network, Egnyte employs ICSA-certified firewalls, designed to recognize and handle multiple synchronous
threats without performance degradation. The network uses SSL encryption and a network intrusion detection
system that monitors and blocks hackers, worms, phishing, and other infiltration methods.
Egnyte has adopted the transmission practices of the most secure institutions in the world by using 256-bit AES
encryption to encode data during transmission. 256-bit AES encryption is the strictest standard applied by the US
Government for TOP SECRET documentation and ensures that even if your data were intercepted, it would be
impossible to break the encryption.
Egnyte enables strict user authentication and permission enforcement at every access point, ensuring that only
users with the correct credentials can access your company data. Administrators can set user password strength
requirements, and various forms of Two Factor Authentication are also available as an option.
All data stored on Egnyte’s systems are automatically encrypted using AES 256-bit encryption, so that if someone
were to gain access to your data, decryption is virtually impossible, and your data is safe. Additional security
options, such as the ability to generate and keep your own encryption key, inaccessible by Egnyte, are also
available.
Although Egnyte’s Cloud File Server is multi-tenanted, each tenant is treated as a separate silo, and Egnyte makes
all effort to ensure no cross-contamination of your data. This includes using a separate encryption key for each
account, as well as preventing de-duplication across accounts.
Egnyte’s security and controls are strong and comprehensive, enabling Egnyte to provide services that are FINRA
compliant under SEC 17a, 31a, 204 Record keeping regulations for confidential data storage, retention,
digitalization and accessibility as well as HIPAA compliant for healthcare, pharmaceutical and biomedical
businesses. In addition, Egnyte’s services comply with the EU Safe Harbor framework as set forth by the
Department of Commerce regarding the collection, use, and retention of data from the European Union.
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
Reliability
Egnyte understands that reliability is your second concern when adopting new technologies. To address this
concern, Egnyte provides a comprehensive solution to delivering reliability.
All of your data is stored in at least two physically disparate data centers. In the case of a network or systems
failure, or a disaster affecting a data center, your data is always available from both second data center as well as
from your local NetApp storage system.
Egnyte maintains 3 data centers – US West Coast, US East Coast, and Europe. In addition, Egnyte can offload
storage services to 3rd
Party providers with data centers located world-wide providing both reliability and speed of
access through geographic proximity.
In each of Egnyte’s data centers, all systems are multiply redundant, ensuring there is no single point of failure of
any component, system or service. This ensures that you will always have access to your data – either in the cloud
or on your local NetApp server.
Egnyte for NetApp itself can be configured in a high-availability (HA) mode, where 2 instances of Egnyte for NetApp
are configured as a primary and secondary. Should the primary system fail, the secondary Egnyte for NetApp
system will take over. Egnyte for NetApp can also be configured to work with NetApp Data OnTap Cluster Mode,
providing a local synchronization solution with no single point of failure.
IT Maintains Complete Control
As the IT administrator, Egnyte provides you complete control. The administrator interface to the Cloud File Server
provides a rich toolkit for security, auditing and control.
Administrators can configure the Cloud File Server, including Active Directory integration, file retention policies,
security policies such as passwords and session timeouts, as well as enabling or disabling features and
functionality. You can also configure users and groups, interaction and synchronization with directory services, and
add-on features such as integrations with single-sign-on vendors or other applications. The administration toolkit
also provides tools to change the look-and-feel of the web interface, including branding with your company’s logo.
There is a full-featured auditing and reporting toolkit, with pre-canned reports for cloud usage, external links, user
permissions and activity, and many other items of interest to administrators.
Each Egnyte for NetApp instance is also fully controlled by the IT Administrator, who can control synchronization
frequency, which directories are synchronized, Active Directory integration, and other configurables. The web
interface also provides the ability to review synchronization logs.
Egnyte Powers Your Business
With Egnyte for NetApp, you bi-directionally synchronize your files with Egnyte’s Cloud File Server. Storing your
data both on your NetApp and in the cloud provides significant business benefits to your users and your company.
NetApp Data from Mobile Access
As mobile devices proliferate, your users are demanding the ability to work and collaborate at any time with any
device. By storing your files in the cloud, you enable your users’ access to your NetApp files using Apple, Android,
and Microsoft mobile devices as well as traditional Mac and Windows PCs. Using the mobile device of their choice,
w w w . e g n y t e . c o m
Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)
www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013
your mobile users can access and modify your NetApp files. Any time, any place, any device -- your users can be
more productive and can collaborate with each other.
NetApp Storage Features with LAN Speed Access
Users inside your firewall continue to leverage the power and functionality of your NetApp, collaborating on files
with LAN speed. You don’t have to worry about the speed, latency, reliability or network burden of a cloud-only
solution. You also do not have to implement and maintain costly and complex VPN solutions in order to provide
your users with external access to your NetApp storage system.
Always Support the Latest and Greatest Devices
Since Egnyte is constantly chasing the mobile device explosion, you can support your users’ desires for the latest
and greatest devices with little effort. We do the work so that you don’t have to.
Zero Effort Security & Reliability
All of your data is secured using AES-256 encryption in motion at rest, and your data is stored in a minimum of 3
locations – your NetApp storage system and 2 physically disparate Egnyte Cloud data centers. You can be
confident that your data is secure and always accessible. In addition, Egnyte never overwrites your data. Instead,
Egnyte maintains multiple versions of your files in the cloud. Should an error or conflict occur, you can easily
retrieve a prior version of the file.
Multi-site Synchronization
When you have multiple sites, you can employ Egnyte to synchronize each NetApp system to the cloud, and thus
to each other. This multi-site synchronization allows your users to collaborate on the same files with a single view
of the file system, without costly remote access solutions.
IT Maintains Complete Control.
Egnyte provides the IT administrator complete control, providing a rich toolkit for security, auditing and control. The
administrator toolkit allows you to set policies such as data retention on mobile devices, number of versions saved
in the cloud, third party application integration as well as providing the ability to control the appearance and
behavior of the cloud file system. Administrators can audit individual user and group behavior as well as develop
complex reports on the entire system.
i http://gigaom.com/2013/02/05/cisco-our-mobile-data-appetites-doubled-in-size-in-2012