EMC-Unity CIFS Connector Overview
Capabilities
This connector enables you to use File Access Manager to access and analyze data stored in EMC-Unity CIFS and do the following:
-
Analyze the structure of your stored data.
-
Monitor user activity in the resources.
-
Classify the data being stored.
-
Verify user permissions on the resources, and compare them against requirements.
-
Manage access fulfillment - automated granting and revoking of access - according to rules set in File Access Manager.
-
Identity collector – collect IAM users, groups and roles and the connections between them.
Refer to the File Access Manager documentation for a full description.
CEE
CEE is a software package that allows File Access Manager to receive event notifications from Unity. It consists of two agents: Common Antivirus Agent (CAVA) and Common Event Publishing Agent (CEPA).
All NAS servers send notifications on events to the CEPA agent and CEPA sends the events to File Access Manager.
CEPA and NAS Servers
-
For CEPA to work, you need to have a SMB server configured on the NAS Server.
-
A CEPA service can communicate with multiple NAS servers, and a NAS server can communicate with multiple CEPA services.
-
CEPA servers work in pools, Dell Recommends a minimum of two CEPA servers per pool.
-
Each NAS server needs to enable publishing events and configure at least one CEPA pool.
CEE & Activity Monitor
Every Activity Monitor can communicate with one or more CEE servers.
Every CEE service can be configured to work with a multiple Activity Monitor services.
Activity Monitor
File Access Manager Connector for EMC uses EMC CEPA over the Common Event Enabler Framework (or CEE, formerly known as CAVA) infrastructure for getting audit events from the Unity for CIFS access.
The Activity Monitor supports different architectures and can work with either a single or multiple, remote, or local CEE services.
Permissions Collection
File Access Manager connects using EMC administrative shares and analyzes folder permissions.
Local groups and users are collected from the CIFS server during the Permission Collection process.
Supported Versions
EMC Dell EMC Unity OE version 4.1
EMC-Unity CIFS Installation Flow Overview
To install the EMC-Unity CIFS connector:
-
Configure all the prerequisites.
-
Add a new EMC-Unity CIFS application in the Business Website.
-
Install the relevant services:
-
Activity Monitor - This is the activity collection engine, used by all connectors that support activity monitoring.
-
Permissions Collector
If you are using EC2 login, the collector should be installed on the EC2 instance.
-
Data Classification Collector
-
Important
Installing the permissions collector and data classification services is optional and should only be installed by someone with a full understanding of File Access Manager deployment architecture. The File Access Manager Administrator Guide has additional information on the architecture.