mobile access to your netapp - egnyte for netapp communicates directly with your active directory or...

w w w . e g n y t e . c o m

Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)

www.egnyte.com | © 2013 by Egnyte Inc. All rights reserved. | Revised February 12, 2013

Mobile Access to Your NetApp

White Paper




Table of Contents

Introduction 3

The Power of the Cloud Enables Mobile Access to NetApp 3

Zero Effort Security & Reliability 4

Always Support the latest and greatest devices 4

Never Lose Your Data 4

IT Maintains Complete Control 4

Egnyte’s Architecture 4

Egnyte for NetApp – The Bidirectional File Sync Engine 5

AD Kit – The Unidirectional Active Directory Sync Engine 6

The Cloud File Server 6

Multiple Access Methods – Same View, Same Permissions 6

The Power of the Cloud Enables Mobile Access 7

Mobile Apps 7

Traditional PCs 8

Supporting the Latest and Greatest Devices 9

Collaboration & Version Control 9

The Power of the Cloud Enables Multi-Site Synchronization 10

Zero Effort Security & Reliability 10

Security 10

Reliability 11

IT Maintains Complete Control 11

Egynte Powers Your Business 11




Introduction

2012 marks the beginning of a revolution in the PC industry, where employees are transitioning from using PCs as

their only work device to having three or more different mobile devices for work. Sometimes these three or more

devices do not include a PC. Research from Cisco shows that global mobile data use doubled between 2011 and

2012,i from 92 MB/month to 201 MB/month. Mobile data is much more pronounced in North America at an average

of 752 MB/month, forecasted to grow to 6,171 MB/month in the next 5 years. Cisco sees this traffic originating from

the almost 7 billion mobile devices, and expects the number of mobile devices to grow at an 8% CAGR in the next

5 years.

These data highlight the start of this revolution. As users transition from traditional PCs to many mobile devices,

they are putting additional burdens on IT; you must now provide services across a plethora of devices and software

systems. One of your key concerns is how to provide mobile access to files on NetApp storage systems, while

avoiding the headache and expense of developing their own custom solutions.

And when providing mobile access to NetApp storage systems, you need to ensure security is maintained, to

control who has access and who does not. You’ll also need to continue to provide service to an ever growing

number of different devices with different software versions. Egnyte’s architecture is designed to solve these

problems and provide measureable value to you, your users, and your business.

The Power of the Cloud Enables Mobile Access to NetApp

Egnyte for NetApp synchronizes your NetApp with the cloud. The power of the cloud – always on, always

available, always secure – enables the cloud to become the central repository for your files. Egnyte enables you to

access your NetApp data in the cloud with:

Mobile Devices Traditional PCs Web Browsers

Apple iPhone & iPad

Google Android Phones & Tablets

Microsoft Phones & Tablets

Apple Mac OS X

Microsoft Windows 7, 8

Safari

Internet Explorer

Chrome

Firefox

Opera

Other standard web browsers

Once your users have been authenticated, they see the same directory tree and files – both in the cloud and on

your NetApp. Your users maintain the same authorization level, synchronized to Active Directory/LDAP, regardless

of the access method. Using their mobile devices, users can view and edit files in the cloud, and any changes are

automatically synchronized to the NetApp storage system. Any changes made to files on the NetApp are

automatically synchronized to the cloud, and these changes are quickly made available to your mobile device

users.




Zero Effort Security & Reliability

Egnyte maintains the strictest security regimens, using 256-bit AES encryption to protect your data while in motion

and at rest. All communication between the synchronization engine, the cloud and mobile devices uses the

industry standard HTTPS protocol, eliminating the need for you to implement custom VPN solutions for each mobile

device. Your data is securely stored in at least two geographically dispersed SSAE-16 certified data centers,

ensuring security, reliability and accessibility in the case of disasters.

Always Support the Latest and Greatest Devices

You never have to worry about how to provide access to your NetApp with a new mobile device. You never have to

worry about the effect of a software release or patch. Egnyte’s engineers are constantly updating our mobile apps

to enable the latest features on the latest and greatest devices. We do the work so that you don’t have to.

Never Lose Your Data

Egnyte never overwrites your data; instead, changes to files are saved to new versions in the cloud. The latest

version of the file is always synchronized to your NetApp system. Yet, you can always go to the cloud to retrieve

prior versions and review modification history. The infinite storage of the cloud means you no longer have to

reserve the limited and expensive space on your NetApp for snapshots.

IT Maintains Complete Control

Egnyte provides the IT administrator complete control, providing a rich toolkit for security, auditing and control. The

administrator toolkit allows you to set policies such as data retention on mobile devices, number of versions saved

in the cloud, third party application integration as well as providing the ability to control the appearance and

behavior of the cloud file system. Administrators can audit individual user and group behavior as well as develop

complex reports on the entire system.

Egnyte’s Architecture

Egnyte’s architecture is comprised of a public cloud component, the Egnyte Cloud File Server, and the bidirectional

file sync engine, Egnyte for NetApp that lives behind the firewall. Combined, these two components provide you

with the ability to access your NetApp file server with mobile devices. Once installed, configured, and

synchronized, the Cloud File Server becomes the master repository for all of your files.




Egnyte for NetApp – The Bidirectional File Sync Engine

Egnyte for NetApp is a VMware-based virtual appliance synchronization engine that bi-directionally synchronizes

the file system between your NetApp storage system and the cloud. Egnyte for NetApp can be installed on any

VMware server, and requires minimal resources – 1 CPU and 4 GB of memory. Once installed and configured,

Egnyte for NetApp communicates with your NetApp over a private network channel, using a custom API from

NetApp.

Using this API, Egnyte for NetApp registers with your NetApp to receive event notifications for a specific NetApp

share that you designate. These event notifications allow Egnyte for NetApp to determine file changes – creates,

modifies, or deletes, without having to scan the entire file system. At each synchronization time-point, Egnyte for

NetApp determines all the file changes on the NetApp that have to be synchronized to the Cloud File Server. At the

same time, the Cloud File Server determines which files in the cloud have changed.

Egnyte for NetApp communicates to the Cloud File Server using an outbound HTTPS connection – you do not have

to punch a hole through the firewall. Once the communication channel is established, Egnyte for NetApp

determines file changes from the NetApp and sends those to the cloud. At the same time, your NetApp share is

updated with changes pulled from the cloud.




In addition to synchronizing files, Egnyte for NetApp synchronizes Active Directory or LDAP user and group

permissions. During the initial import of data into the Cloud File Server, Egnyte for NetApp reads user and group

file permissions and applies those permissions to the cloud. Once the initial import is complete, any changes of

permissions made in the cloud are synchronized to your NetApp storage system.

You are in complete control of both the Cloud File Server as well as which directories are synchronized from the

Cloud to your NetApp storage. The configuration GUI provides a rich set of controls, including the ability to select

all or a subset of the directory tree to synchronize to your NetApp, and controlling the synchronization frequency,

including near-real-time synchronization.

AD Kit – The Unidirectional Active Directory Sync Engine

Egnyte for NetApp communicates directly with your Active Directory or LDAP directory service in order to map your

AD users and groups to users and groups in the cloud. In addition, Egnyte provides the AD Kit, an optional service

that runs on your AD server. The AD Kit communicates directly with the Cloud File Server, synchronizing any user

or group changes directly to the cloud. In addition, the cloud can communicate with the AD Kit, enabling you to

authenticate and authorize users when they directly access the cloud.

The Cloud File Server

Upon completion of the initial import of your data to the cloud, the cloud behaves as the master file server for all of

your shared data. Any changes on your NetApp are synchronized to the cloud, and any changes in the cloud are

synchronized to your NetApp systems.

The cloud presents data to your users in a traditional file system format, completely duplicating the file, directory,

and permission structure of your NetApp share. Regardless of access method, users see the same set of files and

directories, and have the same access rights.

The Cloud File Server has infinite storage space, and grows with you, accommodating rapid changes with ease. In

addition, Egnyte never overwrites your data. All files stored in the cloud are versioned – each new write to a file

creates a new version. All file versions, along with change history, are always available in the cloud, while the

latest version of the file is always synchronized to your NetApp storage.

Multiple Access Methods – Same View, Same Permissions

Egnyte provides your users with multiple methods to access files. Users on mobile devices can use device specific

apps in addition to standard web browsers. Users with laptops can mount the Cloud File Server using the WebDAV

protocol, as well as creating a local copy of the file system and using PLC, Egnyte’s Synchronization app for PC

and Mac to synchronize with the cloud. Inside your firewall, your users continue to mount your NetApp with CIFS,

and continue to leverage the features and performance of NetApp FAS systems with LAN speed.

Regardless of the access method, since your NetApp system is always kept in sync with the Cloud File server, your

users are always presented with the same view of your files. Once a user is authenticated, permissions are always

enforced in a universal and consistent manner. If a user has access to the directory tree “/Shared/Marketing”, that

user has access to that directory, and sees the same set of files and directories regardless of the access method.

Likewise, if a user does not have access to the directory tree “/Shared/HumanResources”, then that user will not be

able to see the directory regardless of the access method.




The Power of the Cloud Enables Mobile Access

Egnyte for NetApp is a virtual appliance based synchronization engine that bi-directionally synchronizes the file

system between your NetApp storage system and the cloud. This allows you to leverage the power of the cloud –

infinite scalability, always on, always accessible – to enable mobile access to your NetApp storage system.

With your files stored in the Cloud File Server, your users can access the files at any time, with any device, without

needing to punch a hole in the firewall or installing complex and expensive VPN solutions.

Mobile Apps

Egnyte has created device specific apps for Apple, Android and Microsoft mobile devices. Each app requires the

user to provide Account Name, User Name, and password in order to authenticate your users. This information is

transmitted to the cloud via HTTPS; the cloud then authenticates the user, optionally talking to your AD server via

Egnyte’s AD kit.

Once users are authenticated, they app communicates with the cloud via HTTPS, and presents your users with the

same view of the directory tree regardless of which app or any other access method. Permissions are identically

enforced through all mobile apps and any other access method.




Users can download files onto the local storage of the device, as well as share files with other applications and

other users. Files can be shared as attachments as well as by a link. Files can be edited using local programs,

and the changes are then written back to the cloud by Egnyte’s app. You have complete control over your user

behavior, with policy settings to control app enablement and local storage features.

Egnyte has a rich app partner ecosystem with integrations enabling easier editing of files by your users. Partners

include QuickOffice, Office2Plus, Readdle, Good Reader, and Apple’s Keynote, Pages, and Numbers apps for

editing of office documents, as well as PDF and AutoCad application integrations.

Traditional PCs

Users on traditional Mac or Windows PCs can also leverage the power of cloud to gain remote access to your

NetApp Files. PC users (as well as mobile device users) can use standard web browsers to access the files in the

cloud. Files can be downloaded to the local system, modified, and the uploaded through a drag-and-drop interface.

Your users can also mount the Cloud File System using WebDAV. Once mounted, the Cloud File Server appears

as network shared drive on the PC. Users can walk the directory tree, read and write files just as they do with local

storage or with a NetApp CIFS mount.

Egnyte Desktop Sync provides each user with a bi-directional sync engine for data stored on their local hard drive.

Once installed, all files in the Egnyte directory are automatically bi-directionally synchronized with the Cloud File

Server. As with Egnyte for NetApp, users can control which subset of the directory tree is synchronized with the

local PC, as well as synchronization frequency.




Supporting the Latest and Greatest Devices

Egnyte’s engineers are constantly updating our mobile apps to enable the latest features on the latest and greatest

devices. We maintain close relationships with the mobile device vendors, and are kept apprised of upcoming

changes to software and devices. We strive to make our apps available on the latest software and hardware at

each release, so that you never have to worry about the effect of a software release or patch. We do the work so

that you don’t have to.

Collaboration & Version Control

Storing your data in both your NetApp and the cloud enables your users to collaborate, working together on their

files from any location with any device. But collaboration comes with the risk of conflict – what happens when two

people edit the same file and save their changes at the same time.

The power of the cloud allows Egnyte to never overwrite your files in the cloud. Instead, each modification of a file

creates a new version, along with metadata identifying the user, date and time of the modification. In the case

when two people save the file at the same time, a race occurs. The first write to hit the cloud file server becomes

version “A”, and is saved to the cloud. The second write becomes version “B”, and is also saved to the cloud.

Because Egnyte has no knowledge of the contents of the file, Egnyte cannot perform conflict resolution. However,

each user of the file can be notified that the file was modified. When this happens, users can go to the cloud and

view the revision information and work with their partners to resolve any conflicts between the two file versions.

Although the Cloud File Server maintains an infinite number of file revisions, the NetApp file system has no concept

of file versions. Thus, Egnyte for NetApp always maintains the latest version of the file on the NetApp file system.




The Power of the Cloud Enables Multi-Site Synchronization

With all of your shared files stored in the cloud, the Cloud File Server becomes the central repository for your data.

When you employ multiple NetApp systems at multiple sites, Egnyte for NetApp synchronizes each device to the

cloud. Which also means that each site is kept in sync with all other sites – multi-site synchronization. Regardless

of the site, your users see a single name-space – the same set of files and permissions – and any changes are

automatically synchronized.


Egnyte provides you the ability to access your NetApp files from anywhere with any device at any time while

maintaining your complete confidence that your files are both secure and available in the case of a disaster.

Security

Egnyte understands that security is your number-one concern when adopting new technologies. To address your

concern, Egnyte provides a comprehensive end-to-end secure solution, with focus on the 5 separate aspects of

security – physical, network, transmission, access and data security.

Egnyte ensures physical security by maintaining your data in SSAE-16 compliant colocation facilities. To safeguard

the network, Egnyte employs ICSA-certified firewalls, designed to recognize and handle multiple synchronous

threats without performance degradation. The network uses SSL encryption and a network intrusion detection

system that monitors and blocks hackers, worms, phishing, and other infiltration methods.

Egnyte has adopted the transmission practices of the most secure institutions in the world by using 256-bit AES

encryption to encode data during transmission. 256-bit AES encryption is the strictest standard applied by the US

Government for TOP SECRET documentation and ensures that even if your data were intercepted, it would be

impossible to break the encryption.

Egnyte enables strict user authentication and permission enforcement at every access point, ensuring that only

users with the correct credentials can access your company data. Administrators can set user password strength

requirements, and various forms of Two Factor Authentication are also available as an option.

All data stored on Egnyte’s systems are automatically encrypted using AES 256-bit encryption, so that if someone

were to gain access to your data, decryption is virtually impossible, and your data is safe. Additional security

options, such as the ability to generate and keep your own encryption key, inaccessible by Egnyte, are also

available.

Although Egnyte’s Cloud File Server is multi-tenanted, each tenant is treated as a separate silo, and Egnyte makes

all effort to ensure no cross-contamination of your data. This includes using a separate encryption key for each

account, as well as preventing de-duplication across accounts.

Egnyte’s security and controls are strong and comprehensive, enabling Egnyte to provide services that are FINRA

compliant under SEC 17a, 31a, 204 Record keeping regulations for confidential data storage, retention,

digitalization and accessibility as well as HIPAA compliant for healthcare, pharmaceutical and biomedical

businesses. In addition, Egnyte’s services comply with the EU Safe Harbor framework as set forth by the

Department of Commerce regarding the collection, use, and retention of data from the European Union.




Reliability

Egnyte understands that reliability is your second concern when adopting new technologies. To address this

concern, Egnyte provides a comprehensive solution to delivering reliability.

All of your data is stored in at least two physically disparate data centers. In the case of a network or systems

failure, or a disaster affecting a data center, your data is always available from both second data center as well as

from your local NetApp storage system.

Egnyte maintains 3 data centers – US West Coast, US East Coast, and Europe. In addition, Egnyte can offload

storage services to 3rd

Party providers with data centers located world-wide providing both reliability and speed of

access through geographic proximity.

In each of Egnyte’s data centers, all systems are multiply redundant, ensuring there is no single point of failure of

any component, system or service. This ensures that you will always have access to your data – either in the cloud

or on your local NetApp server.

Egnyte for NetApp itself can be configured in a high-availability (HA) mode, where 2 instances of Egnyte for NetApp

are configured as a primary and secondary. Should the primary system fail, the secondary Egnyte for NetApp

system will take over. Egnyte for NetApp can also be configured to work with NetApp Data OnTap Cluster Mode,

providing a local synchronization solution with no single point of failure.

IT Maintains Complete Control

As the IT administrator, Egnyte provides you complete control. The administrator interface to the Cloud File Server

provides a rich toolkit for security, auditing and control.

Administrators can configure the Cloud File Server, including Active Directory integration, file retention policies,

security policies such as passwords and session timeouts, as well as enabling or disabling features and

functionality. You can also configure users and groups, interaction and synchronization with directory services, and

add-on features such as integrations with single-sign-on vendors or other applications. The administration toolkit

also provides tools to change the look-and-feel of the web interface, including branding with your company’s logo.

There is a full-featured auditing and reporting toolkit, with pre-canned reports for cloud usage, external links, user

permissions and activity, and many other items of interest to administrators.

Each Egnyte for NetApp instance is also fully controlled by the IT Administrator, who can control synchronization

frequency, which directories are synchronized, Active Directory integration, and other configurables. The web

interface also provides the ability to review synchronization logs.

Egnyte Powers Your Business

With Egnyte for NetApp, you bi-directionally synchronize your files with Egnyte’s Cloud File Server. Storing your

data both on your NetApp and in the cloud provides significant business benefits to your users and your company.

NetApp Data from Mobile Access

As mobile devices proliferate, your users are demanding the ability to work and collaborate at any time with any

device. By storing your files in the cloud, you enable your users’ access to your NetApp files using Apple, Android,

and Microsoft mobile devices as well as traditional Mac and Windows PCs. Using the mobile device of their choice,




your mobile users can access and modify your NetApp files. Any time, any place, any device -- your users can be

more productive and can collaborate with each other.

NetApp Storage Features with LAN Speed Access

Users inside your firewall continue to leverage the power and functionality of your NetApp, collaborating on files

with LAN speed. You don’t have to worry about the speed, latency, reliability or network burden of a cloud-only

solution. You also do not have to implement and maintain costly and complex VPN solutions in order to provide

your users with external access to your NetApp storage system.

Always Support the Latest and Greatest Devices

Since Egnyte is constantly chasing the mobile device explosion, you can support your users’ desires for the latest

and greatest devices with little effort. We do the work so that you don’t have to.


All of your data is secured using AES-256 encryption in motion at rest, and your data is stored in a minimum of 3

locations – your NetApp storage system and 2 physically disparate Egnyte Cloud data centers. You can be

confident that your data is secure and always accessible. In addition, Egnyte never overwrites your data. Instead,

Egnyte maintains multiple versions of your files in the cloud. Should an error or conflict occur, you can easily

retrieve a prior version of the file.

Multi-site Synchronization

When you have multiple sites, you can employ Egnyte to synchronize each NetApp system to the cloud, and thus

to each other. This multi-site synchronization allows your users to collaborate on the same files with a single view

of the file system, without costly remote access solutions.

IT Maintains Complete Control.

Egnyte provides the IT administrator complete control, providing a rich toolkit for security, auditing and control. The

administrator toolkit allows you to set policies such as data retention on mobile devices, number of versions saved

in the cloud, third party application integration as well as providing the ability to control the appearance and

behavior of the cloud file system. Administrators can audit individual user and group behavior as well as develop

complex reports on the entire system.

i http://gigaom.com/2013/02/05/cisco-our-mobile-data-appetites-doubled-in-size-in-2012

http://gigaom.com/2013/02/05/cisco-our-mobile-data-appetites-doubled-in-size-in-2012

mobile access to your netapp - egnyte for netapp communicates directly with your active directory or...

Documents