...
With this flexibility it is easier for the administrator to cope with Snare Central growing requirements in large and busy networks.
| Info |
|---|
|
Snare Central disk layout
Snare Central complies with the “Red Hat Enterprise Linux 6 Security Technical Implementation Guide (STIG)” recommendation from DoD and with "Center for Internet Security (CIS)" benchmark with the following independent file systems structure using Linux logical volume manager (LVM):
| Partition | Size and Details of Usage | Disk Manger Resize Capability |
| / | 10.00 GB - part of operating system | No |
| /boot | 0.50 GB - part of operating system | No |
/usr | 5.00 GB - part of operating system | No |
/var | 5.00 GB - part of operating system | No |
/var/log | 5.00 GB - part of operating system | No |
| /var/tmp | 5.00 GB - part of operating system | No |
| /var/log/audit | 0.50 GB - part of operating system | No |
| /home | 2.00 GB - User home directories | No |
| /tmp | 5.00 GB noudev,nosuid,noexec - used for temporary operating system and application files | No |
| /data | 50.00 GB contains the Snare application and various operational components | No - can be resized using snare CLI menu |
| /data/SnareCache | 10.00 GB reserved for new database reporting engine | Yes |
| /data/SnareIndex | 10.00 GB reserved for new database reporting engine | Yes |
| /data/SnareResultsCache | 10.00 GB reserved for new database reporting engine | Yes |
| /data/SnareReflector | 5.00 GB used for new disk cache feature of reflector | Yes |
| /data/SnareTransition | 10.00 GB used for Snare Collection subsystem before being archived to SnareArchive | Yes |
| /data/SnareArchive00 | rest of disk space | Yes |
| /data/SnareArchive | Overlayfs file system used to allow the mounting of NFS, CIFS( Windows and Samba) shares, DVD, CDROM and USB backup media |
...
Selecting a cylinder displays the filesystem status. The following image show the disk summary available by clicking on the corresponding disk or hovering the mouse on top of it.
| Info |
|---|
|
...
Mounting a CD, DVD or USB
The following image shows the DVD dialogue which allows to mount and/or unmount a data backup device making it available directly into Snare storage. Thus making the archived data immediately available to Snare so the user can run any objective right after mounting the corresponding device.
All that is needed is to specify what kind of device to mount (or unmount) and if access to this device after reboot is required or not (this checkbox actually updates /etc/fstab system file so it's persistent after a reboot if desired).
| Info |
|---|
|
| Info | ||
|---|---|---|
| ||
When mounting or unmounting any device, all Snare back end processes need to be are automatically stopped manually. |
Mounting a NAS
The NAS dialogue is displayed below, which allows the user to mount and/or unmount a Network Attached Storage device making it available directly for Snare to use.
| Info |
|---|
|
...
A NAS can be mounted to increase Snare Central capacity so any new data will be stored in the network device and at the same time, all previous data stored in the server's local hard drive will still be accessible inaccessible for the system to use though. Be aware that that a NAS device will never be as fast as a local hard drive and this could lead to performance constraints is the system has a high EPS demand on it. Most NAS systems don’t implement synchronous write acceleration like SAN disk systems do so will perform at a lower performance than conventional local disk or fibre attached SAN disk will. Another consideration is that if Snare Central loses network connectivity to the NAS access all data stored there won't be accessible and the system may experience long time-outs when trying to retrieve any data or become non responsive.
...
- A name to identify this device (e.g NAS1 or central_storage).
- NAS IP address or name (FQDN) and port number to use.
- The type of NAS to attach to (CIFS or NFS)
- The protocol version to use.
- The share name inside the NAS as a path (or directory name in case of NFS).
- User name and Password.
- Workgroup if required (CIFS only).
- If access to this device after reboot is needed or not (this checkbox actually updates /etc/fstab system file so becomes persistent).
| Info | ||
|---|---|---|
| ||
When mounting or unmounting any device, all Snare back end processes need to will be stopped manuallyautomatically. |
Resizing a local file system
...
Once all the editable file systems sizes are set as required, the user must submit the changes to the server with the submit button (right pointing arrow). Its highly recommended to resize only one file system at a time. Upon submit a warning as shown in the next image will be prompted.
| Info |
|---|
|
| Note | ||
|---|---|---|
| ||
When resizing any file system all Snare back processes need to be stopped and depending on the size of the file system this could take several minutes. |
...
If no more disk space is available, the administrator can add another physical disk (or disks) to the server and after a system reboot the new drive will be available as free space in the Disk Manager ready to be assigned to existing files systems as described.
In the case of upgraded servers, Disk Manager will detect the new disk and ask you if you want to use the whole disk to increase Snare capacity. Click the submit (arrow) button and after a few seconds the disk will be ready for use.
| Note |
|---|
Snare Disk Manager requires that the new disk does not contain any partition nor any filesystem to be correctly detected and used. In any other case the disk will be ignored. |
All new incoming data will be stored in the new disk and all previously existing data will remain in your old disk as read only.
...
.