and you

Standard configuration

The normal NSAM service is implemented in ITSM and includes the following configurable items. Keep in mind that anything different than the standard options may require an update to the pricing structure.

Your domain

For management and billing purposes each client is assigned their own policy domain within the NSAM service. Your organization owns all of the policies, data, and configuration within this policy domain. Domain names must be unique in the system and are normally a two to ten character abbreviation of your organization's name. For example, the Department of Chemistry may have the domain CHEM. To illustrate normal configuration options, the rest of this document will use DOMAIN as a generic domain name.

Your organization should identify at least one person as a domain administrator for the NSAM service. This person, or group of people, will be responsible for:

  • Software installation on each client node.

  • Ensuring that client nodes perform regular backups.

  • Participating in an initial pilot phase of service.

  • Receiving periodic emails from NSAM service staff for planned outages, system changes and domain reports.

Storage Pools

A storage pool is a named collection of storage volumes of a particular device class. For example, a storage pool of optical devices would only contain optical media volumes, just as a collection of disk devices would only contain disks. The typical NSAM installation defines three storage pools for each domain: one disk pool and two tape pools.

Data is migrated from the client machine to the first primary storage pool, then to other primary pools, secondary pools and possibly tertiary pools. For the NSAM service, the first place data will live is a disk storage pool named DOMAIN-DISK. When the amount of data in the disk storage pool reaches a user-specified high limit, the server will migrate the data to other primary storage pools. Normally the next pool is the first tape pool, DOMAIN-TAPE. After data is copied to all primary storage pools, the server will then start copying the data to secondary pools, in this case the copy tape pool, DOMAIN-C1. When the data has been copied to all storage pools, and the system needs more disk space for other requests, the data will be freed from disk. When this migration process is finished, your domain's data will live on two physically different tape pools.

Figure 1. Example of standard storage pool configuration

If your organization requires more copies of data, off-site storage, or storage on a different type of media, the Open Systems Group can work with you to translate your requirements into a pricing structure.

Policy controls

The most common settings that NSAM policy domain administrators twiddle are file retention times. Four parameters are used to control the number of versions of a file and how long these are kept. These four controls can have the largest impact on cost and are explained below, followed by some illustrations.

Note

New domains usually inherit the STANDARD policy; this is the policy used below for defaults.

RETVer - The maximum number of backup versions to retain for files that are currently on the client file system. If a backup causes the limit to be exceeded, the oldest backup version that exists is deleted from the storage pool. Default value for STANDARD: 2 versions, but can be any integer from 1 to 9999.

RETExtra - How many days to retain a backup version after that version becomes inactive. A version of a file becomes inactive when the client stores a more recent backup version, or when the client deletes the file from the workstation and then runs a full incremental backup. The value of this parameter determines which versions are deleted during inventory expiration processing. This parameter is optional. Default value for STANDARD: 30 days, but can be any integer from 1 to 9999.

VERDeleted - The maximum number of backup versions to retain for files that are deleted from the client file system. This parameter is ignored if the file still resides at the client node. If the client file is deleted, the next backup causes the oldest versions in excess of this number to be deleted from the backup storage pool. The expiration date for the remaining versions is determined by the values specified for the RETEXTRA and RETONLY parameters. Default value for STANDARD: 1 version, but can be any integer from 1 to 9999.

RETOnly - The retention time, in days, for the last backup version of a file that has been deleted from the client's file system. This parameter is optional. The default value is 120. Default value for STANDARD: 60 days, but can be any integer from 1 to 9999.

Important

While the NSAM service may keep several versions of your data, it is not intended for use as a change management system. If your organization needs a way to handle change management, please look into one of the following packages designed for that purpose: git, subversion, CVS, PRCS, or Aegis.

The STANDARD policy class is by far the most common in the NSAM service and meets the needs of most organizations. For active files, this policy will give you two copies, or actually four copies, two on DOMAIN-TAPE and the same two on DOMAIN-C1. The NSAM service also has another useful management class that some organizations find more suitable to their needs: USERSPACE. This class increases the RETVer variable to 7, so it would be possible to go back a full 7 days' worth of changes. This setting comes from the real-world example of being able to easily undo a week's worth of work.
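The effect of the four controls, as an added example that is not part of the original document or of ITSM itself: a simplified Python model built only from the parameter descriptions above. It assumes a version is kept while its inactive age is at most the retention value; `restorable` is a hypothetical helper name and the day numbers are constructed sample data.

```python
# Simplified model of the retention controls; parameter names follow this page.
STANDARD = {"RETVer": 2, "RETExtra": 30, "VERDeleted": 1, "RETOnly": 60}
USERSPACE = {**STANDARD, "RETVer": 7}

def restorable(backup_days, today, policy, deleted_on=None):
    """Return the backup days whose versions can still be restored on `today`.

    backup_days: distinct days on which a changed copy of the file was backed up.
    deleted_on:  day the backup noticed the file was gone from the client.
    """
    versions = sorted(d for d in backup_days if d <= today)
    deleted = deleted_on is not None and deleted_on <= today
    if deleted:
        versions = [d for d in versions if d < deleted_on]
    # Count limits are applied at backup time: the oldest versions are dropped.
    kept = versions[-policy["RETVer"]:]
    if deleted:
        kept = kept[-policy["VERDeleted"]:]
    result = []
    for day in kept:
        newest = day == versions[-1]
        if newest and not deleted:
            result.append(day)            # active version does not expire
            continue
        if newest:                        # last version of a deleted file
            inactive_since, limit = deleted_on, policy["RETOnly"]
        else:                             # superseded by the next backup
            inactive_since = versions[versions.index(day) + 1]
            limit = policy["RETExtra"]
        if today - inactive_since <= limit:   # assumed boundary: inclusive
            result.append(day)
    return result

if __name__ == "__main__":
    daily = range(1, 11)                  # constructed: file changes every day
    print("STANDARD :", restorable(daily, 10, STANDARD))
    print("USERSPACE:", restorable(daily, 10, USERSPACE))
    print("deleted  :", restorable([1, 5], 40, STANDARD, deleted_on=10))
```

With daily backups on days 1 to 10, STANDARD leaves only days 9 and 10 restorable while USERSPACE leaves days 4 to 10, which matters when a bad change goes unnoticed for several days.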

Security

ITSM was not originally designed for physically insecure environments. Initial authentication and physical media security were well planned, but data transmission across the network is an area where the system lacks strong security. Details on these three areas, including how CNS goes beyond them, follow.

Initial authentication of session

ITSM uses a proprietary challenge-response mechanism to authenticate client machines, a process performed without sending passwords over the network. The client sends the server a message that is encrypted using the password as the key. The server decrypts the message, and if the client used the wrong password, authentication will fail. This method should guard against most types of network intruders during the authentication process.

Data transmission across network

Once a session is authenticated by the server, the client sends filesystem changes across the network in the clear. Domain administrators need to audit their data and take precautions against sensitive information being open to network sniffing. Here are some options for your more secure data:

  • Exclude files using Include-Exclude rules in the client software.

  • Encrypt files using an external program. Two popular options are PGP (commercial) and GnuPG (free). You should understand the implications of these tools prior to using them in conjunction with the NSAM service. Most importantly, if you lose the private key, you will be unable to recover your data; not even outside consultants can be of assistance.

Note

For Windows clients Version 4.1 and higher, IBM has included a facility for encrypting data to be backed up using 56-bit DES. But, again, if you lose the key, you lose the data. Please think before using this option.

Data storage

The NSAM server and tape libraries are located in CNS' physically secure machine room, with a 24-hour operations staff for monitoring system health and providing another layer of security.

The physical media of the NSAM service are stored in a proprietary IBM format. The format is unpublished, and there are no publicly available tools to interpret the media directly.

Getting involved

There are three timing points for involvement in the NSAM service: a short pilot program, ongoing use, and moving off the service. This section will describe each phase in more detail.

Pilot program

A one to two month pilot program is designed to help show organizations what the service offers and help you predict cost. CNS extends this no-charge trial period to two computers and includes a hands-on installation of the client software and a preview of the administration tools. During this period your organization needs to identify (preferably two) domain administrators who are encouraged to read local documentation, tweak policy settings, and generally play around with the service to see if it meets your needs. The Open Systems staff is available to answer questions that are not covered on this site and to provide guidance on policy and schedule settings where needed.

Ongoing use

After the pilot period your organization can either sign up for the NSAM service or decline and have your data purged from the server. To sign up for the service you need to have a CNS ID generated against which services may be charged. If you do not already have a CNS ID, you can call CNS accounting, at 2-2061, and they can help you get the process started.

In the world of PeopleSoft, the process is called "Setting up a Purchase Order", and is probably something only your financial folks can do. To assist all our customers with this process, we would like to provide you with the following information:

Business Unit 1400
Vendor ID 0000002056 (Computing and Networking Services)
Program Code 9200
Fund Code 144
Department ID 14309000
Account Code 711700
Category Code 81112100 (Internet Service Provider) or 80161506

Just make sure that, whichever category code you use, our account code (711700) comes up.

If you already have an 'account' or a 'PO' with CNS for, say, wallplate network service or telephone service, you will still need a new PO for backup work.

Moving off

If your organization no longer needs the use of the NSAM service, the Open Systems Group will help you remove your data from the CNS servers and tape libraries. When your data is completely purged, all accounts associated with your domain will be removed.