Cohesity SmartFiles Administration 6.6

Uploaded by

majidqazi

Cohesity SmartFiles Administration 6.6

Cohesity Academy
Cohesity Technical Trainer
Cohesity Education Disclaimer

This presentation is intended only for use by Cohesity staff, and students. No
copy or use of this presentation should occur without the permission of
Cohesity. Cohesity retains all intellectual property interests associated with
the presentation. Cohesity makes no claim, promise, or guarantee of any kind
about the accuracy, completeness, or adequacy of the content of the
presentation and expressly disclaims liability for errors and omissions in such
content.

© 2022 Cohesity, Inc. All rights reserved. 2


Introduction

• Who are you?


• Name
• Role
• Area of Expertise
• Previous experience with Cohesity?



Cohesity Certifications

Information: https://www.cohesity.com/resource-assets/solution-brief/certification-solution-brief.pdf

• Take free online practice exams to make sure you’re ready for the proctored exam.
• Schedule and take your exam remotely via Yardstick.
• Manage and share your Digital Badges



Expanded Partner Business Opportunities through Professional Services Delivery

PS Partner Authorization
An enhancement to our Cohesity Partner Program enabling partners to deliver Cohesity-focused professional services (PS).

• Individual Certifications
• Benefits
• Requirements
• Company-level Authorizations


Course Catalog
Navigate to Cohesity Academy Page

https://www.cohesity.com/academy



Course Agenda

1. SmartFiles Overview
• What is Cohesity SmartFiles?
• Use cases of Cohesity SmartFiles

2. Storage Domains
• Storage Domain overview
• Storage Domain configuration options

3. Views
• View workflow
• View advanced settings

4. View protection, recovery and cloning
• View data protection
• Recovery
• Cloning

5. Long-Term Retention & Disaster Recovery
• Disaster recovery overview
• CloudArchive
• CloudRetrieve
• Replication

6. NAS Data Migration
• Overview of NAS data migration and use cases
• NAS Data Migration workflow

7. NAS Data Tiering
• Overview of NAS data tiering and use cases
• NAS Data tiering workflow
• Uptiering

8. CloudTier
• Overview of CloudTier
• CloudTier vs CloudArchive
• CloudTier options


Course Agenda

9. Security
• Platform encryption
• Access Management
• Data Compliance

10. Cohesity Marketplace apps
• Marketplace overview
• Apps installation overview
• ClamAV Antivirus
• Spotlight
• Insight

11. Operations, Monitoring, and Troubleshooting
• Advanced configuration
• Reporting
• Audit logs
• Troubleshooting tools
• Troubleshoot common issues


Class Lab

• Lab:
• Student login portal:
• https://cohesity.learnondemand.net

• Course Link:
• https://cohesity.learnondemand.net/Class/(class number)

• Login Information:
• Username: email address
• Passwords: cohesity123!



Frequently Used Icons

[Icon legend: View; Clone; S3-NFS compatible cloud; Dedupe; Protection job / group; Data protection; Storage Domain; Compression; NAS generic; Protection Run/Backup snapshots; Archive; Files & Objects; Encryption-keys; External target storage; CloudTier; Replication; CloudArchive; Granular recover and restore; S3 bucket; QoS; Cohesity Helios (Data Center | Edge | Public Cloud)]

The Cohesity Helios platform can be installed in a data center, public cloud or edge location.
SmartFiles Overview
Module 1



Cohesity Next-Gen Data Management Platform



SmartFiles: A New Approach to Files and Objects

• Software Defined: Scale without limits
• Optimized Efficiency: Capacity & data management
• Broad Multiprotocol Interoperability: NFS, SMB, S3, OpenStack Swift, Public Clouds
• Easy to Operate: Policy-based & unified management
• Global Actionable Search: “Google-like” experience
• Integrated Apps: No NAS ecosystem infrastructure required


SmartFiles Use Cases

*Always review your use case and sizing with your Cohesity account team



SmartFiles Use Cases
Flexible Performance Characteristics

Hybrid All Flash

• Secondary file workload • Multi-user file server with replication


• Corporate file shares • Corporate file shares – SMB/NFS
• Home directories for applications • File store for SQL dumps
• Capacity workloads:
• Splunk warm buckets
• Archiving and tiering.
• Analytics use case - SAP backend
• 3rd party backup destination (Veeam/Commvault/TSM)
• Media & Entertainment – Animation, video editing
• Database Dumps (SQL/Oracle/MongoDB/Redis)
• S3 buckets
• Repository for surveillance videos (Milestone)
• Medical imaging (PACS archives, VNA archives)
• Cyber Vault - Long-term retention of data in an
immutable format using Cohesity DataLock or S3
Object Lock and Legal Hold.

*SmartFiles is not recommended to be used for production datastores.


Discussion

Question: What is the use case that Cohesity Views CAN NOT be used for?

A. Video files store
B. Production VMs datastore
C. PACS store
D. SQL Dump




Storage Domain
Module 2



Cohesity Cluster

• Cohesity clusters store and process data
• A multi-node cluster is a grouping of (*3+) Cohesity nodes (cannot be a mix of different types of platforms).
• A Cohesity cluster has its own local management domain.
• Clusters can be managed via a Cohesity web UI, CLI, or API.

[Diagram: COHESITY CLUSTER of three nodes, each labelled Dual 10G and PCIe SCSI Controller]

*A single-node cluster can run on a single node VE or physical edge


Storage Domain

• Logical pool of storage that spans the cluster
• Determines the policy that will be applied to the data
• A default Storage Domain gets automatically created
• Additional Storage Domains can be created by the Cohesity administrators

[Diagram: COHESITY CLUSTER of three nodes (Dual 10G, PCIe SCSI Controller) with a DefaultStorage Domain: Inline Dedupe, Inline Compression, and Encryption]


Storage Domain Configuration Options

STORAGE REDUCTION
• Deduplication: Global variable-length deduplication (Inline or postprocess).
• Compression: Zstandard (ZSTD) for high performance and low latency (Inline or postprocess).

ENCRYPTION
• Encrypt at Cohesity cluster upon creation and/or Storage Domain Level.
• Supports AES256 software encryption. Provides a built-in Key Management Service (KMS) that automatically generates keys.
• Once enabled, it cannot be disabled.

STORAGE RESILIENCY*
• Data is spread across different nodes in the cluster per fault tolerance settings including:
  • Replication Factor
  • Erasure Coding

STORAGE QUOTAS
• Can set a physical quota to cap the Storage Domain or a logical quota for Views.
• Can configure an alert to trigger when reaching a specified threshold.

Note: See Create or Edit Storage Domains for more details on Storage Domain settings
*Consult your Cohesity account team before you change the resiliency settings
Storage Domain Configuration Options

CLOUDTIER
• Moves cold data blocks to an external storage
• Extends storage layer of cluster transparently
• Cannot be enabled, once it’s disabled


Demo
1 Create a Storage Domain
2 Explore Storage Domain Options


Discussion

Question: Quota can only be enabled at the Storage Domain Level?

A. True
B. False




Discussion

Question: Encryption can only be enabled at the Storage Domain Level?

A. True
B. False




Views
Module 3

Views
Overview

A Cohesity View is a storage location that gets created within a specified Storage Domain automatically by the system or by Cohesity administrators.

Views are where data is stored, and data only arrives and leaves a Cohesity cluster through a View.


Views
Overview

Internal Views (system created) are immutable storage locations that are utilized for backup, cloning and recovery operations.

Internal Views get created and removed by the system.


Views
Overview

External Views (admin created) are used as NAS or Object Storage. See the Ideal Use Cases for SmartFiles for more details.

[Diagram: Servers/apps, Users and Data Sources read/write over NFS/SMB/S3/Swift to a Cohesity View in a Storage Domain; Cohesity Helios, Data Center | Edge | Public Cloud]

Authentication and Authorization for data access can be configured by Cohesity administrators


Platform Internals
Storage Domains & Views
[Diagram: COHESITY CLUSTER of three nodes (Dual 10G, PCIe SCSI Controller) with two Storage Domains. Storage Domain 1: Inline Dedupe, Inline Compression, and Encryption. Storage Domain 2: No Dedupe, No Compression. Views shown: View 1 (External), View 2 (Internal), View 3 (External), View 4 (External)]

Views inherit the Storage Domain settings
Views
Create Views



Views
Create Views – Configuration Options

• Multi-protocol support – Configure single or multi-protocol Views
• Advanced data access control – Configure generic and protocol-specific settings
• Performance Optimization & data tiering – Configure QoS, SSD Pinning, and data tiering
• Advanced data security – Apply additional security via Antivirus integration and File Filtering
• Compliance – Configure options to prevent data from being deleted or altered
• Analytics – Analyze file auditing
• Protection – Automate View data protection
• Self-Service recovery – Allow View users to perform recovery
• Quota – Control storage capacity consumption


Views
Create Views – From Scratch VS. Templates

[Diagram: view; Cohesity SmartFiles, Global Data Management, Data Center | Edge | Public Cloud]

From scratch
• Configure View configuration settings from scratch without suggested options

Templates
• Use pre-defined Cohesity templates that are created based on various common use cases
• Create custom templates


Views
Create Views – From Scratch VS. Templates

1 Navigate to File Services > Views

You can select templates based on your requirements to create Views faster
Views
Create Views – Allowlists*

*Cohesity does not recommend using Global Allowlists in production environments


Views
Access Views

Share path can be copied
Views
Nested Shares



Demo
1 Create a View from scratch
2 Create a Global Allowlist
3 Access the View
4 Create a nested share
5 Access the nested share


Views
Create Views – Configuration Options (Category)

File Shares
• PACS Archive (Picture archiving and communication system)
• Multimedia
• Video
• General Purpose Files
• Digital Archive

Backup Target
• Commvault
• Veeam
• General
• TSM
• Application Dumps (Oracle, SQL, SAP Hana)

Object Services
• Containers
• General
• Splunk Smartstore
• Hadoop


Views
Create Views – Configuration Options (Storage Domain)



Views
Create Views – Configuration Options (Read/Write Protocols)



Views
Create Views – Configuration Options (Multiprotocol Support)

View Category and Multiprotocol Combinations

File Shares
• NFS v3
• NFS v4.1
• SMB v2.x / v3.x
• S3 (read-only)

Backup Target
• NFS v3
• NFS v4.1
• SMB v2.x / v3.x

Object only (one protocol)
• S3
• Swift


Views
Advanced Options



Views
Create Views – Advanced Options

• Case Sensitive File or Folder Names

More Options
• Performance (QoS Policy)
• Dedupe & Compression
• Logical Quota
• Description


Views
Create Views – Advanced Options (Case Sensitivity)

Case Sensitive File Or Folder Names

• Toggle on if you want the uppercase and lowercase version of the same letter in a file or folder name to be treated differently
• If a single protocol is selected when creating the View, the preferred option is automatically set
• For Views that will support NFS and SMB, case sensitive is set to Off (preferred setting for SMB clients)

Protocol: Default Case-Sensitive Setting Toggle
• Multi SMB/NFS: Case-Sensitive OFF
• NFS: Case-Sensitive ON
• SMB: Case-Sensitive OFF
• S3/Swift: Case-Sensitive ON


Views
Create Views – Advanced Options (Performance)



Views
Create Views – Advanced Options (Performance - QoS)

Common QoS policies are TestAndDev and Backup Target, and each
has variants by storage media and priority.

QoS Policy: TestAndDev
• Optimized for I/O Workload Type: Mixed I/O workloads such as file shares. Best for writes and sequential single stream reads and writes. Recommended for Cohesity SmartFiles.
• Priority: High, Low

QoS Policy: Backup Target
• Optimized for I/O Workload Type: Best for sequential, multi-stream reads and writes. Recommended for Cohesity DataProtect and Cohesity Archive. Also recommended for Cohesity SmartFiles when used as a backup target.
• Priority: SSD, High, Low

Refer to QoS Policies for details on the other QoS options
Views
Create Views – Advanced Options (Performance - Pin View to SSD)

Enable Pin View to SSD* for new Views, existing Views (for a definite period or forever)

[Diagram: Servers/apps and Users read/write data to a view on a cluster with hybrid nodes (HDDs and SSDs)]

*Supported only with TestAndDev High and Backup Target SSD QoS
Views
Create Views – Advanced Options (Dedupe & Compression)

Enable Post-processing dedupe and Compression



Views
Create Views – Advanced Options (Logical Quota)

View Quota can be Inherited (from the Storage Domain) or Overridden



Views
Create Views – Advanced Options (User & Directory Quota)

User and directory quotas can be configured after the View is created
Views
Create Views - NFS



Views
Create Views – NFS

[Diagram: Servers/apps and Users read/write over NFS 3.0 – NFS 4.1 to a Cohesity View in a Storage Domain; Cohesity Helios, Data Center | Edge | Public Cloud]


Views
Create Views - CIFS/SMB



Views
Create Views – CIFS/SMB

[Diagram: Servers/apps and Users read/write over SMB 2.x – 3.0 to a Cohesity View in a Storage Domain; Cohesity Helios, Data Center | Edge | Public Cloud]


Views
Create Views – CIFS/SMB

SMB Options



Views
Create Views - Object Storage (S3 & Swift)



Views
Create Views – S3 & Swift

[Diagram: Servers/apps and Users read/write to a Cohesity View in a Storage Domain used as an S3 compatible/Swift Object Store; Cohesity Helios, Data Center | Edge | Public Cloud]


Views
Create Views – S3
Equivalent to AWS S3 Buckets

• Files can be accessed as S3 objects
• Access is managed through the Access keys, Secret Keys, and S3 ACLs
• Allows S3 Read only protocol on SMB/NFS R/W View protocol
• S3 Bucket/View are accessed over HTTPS on port 3000
• Object Key Patterns supported are Hierarchical and Flat
• QoS policy decides the performance and tiering of data
• Deduplication and Compression are derived from Storage domain


Views
Create Views – S3

Cohesity S3 stores data using two Object Key patterns

[Diagram: Hierarchical and Flat key patterns drawn as trees with Level 1, Level 2 ... Level N; Flat is labelled Random or Structured, and Short or Long]

HIERARCHICAL
• The input key is treated as a filesystem path where the directories and file names are separated by '/'
• The exact hierarchy is created for storing the current version of the object in the FS namespace

FLAT
• Input Key is encoded first and then used as filesystem paths
• Broken down into multiple smaller (2 or 3 characters) segments to get the absolute path for storing the inode

CONSIDERATIONS
• Cohesity does not recommend using the Hierarchical view for latency-sensitive workloads
• SmartFiles S3 View is created through API, short Key pattern is selected by default


Views
Create Views – S3

Object Key Pattern

Flat Key Type

Structured Key Length



Views
Create Views – S3

S3 ACCESS KEYS (20 BYTE)

• Has two parts
  • Access Key ID
  • Secret Access Key
• Access key is created at the same time the iris user account is created
• Keys can be fetched anytime from Cohesity UI/CLI
• Admin can reset the secret key of another user. But cannot see the keys


Views
Create Views – Swift
Third-party Swift Object Store implementation for the OpenStack

• Files can be accessed as Swift objects
• OpenStack Keystone Identity service
• Containers and Objects modification are controlled by Container ACLs
• Uses Identity API v3
• Object Key Patterns supported are Hierarchical and Flat
• QoS policy decides the performance and tiering of data
• Deduplication and Compression are derived from Storage domain


Views
Create Views – Swift

Swift Support

Swift Keystone v3 ✔

Swift Multitenancy ✔

Swift Accounts ✔

Swift Containers ✔

Swift Object GET/PUT ✔



Views
Create Views – Swift

Swift Options
Discussion

Question: The View File Shares Category supports the ability to have View clients to read and write data using all the supported protocols NFS, SMB, S3, and Swift?

A. True
B. False




Discussion

Question: Users can have direct access to Views immediately after Views creation?

A. True
B. False




Discussion

Question: What is the category that needs to be selected if an admin wants to create a read/write S3 View?

A. File Shares
B. Backup Target
C. Object Services




View Data Protection, Recovery
and Cloning
Module 4



Data Protection
Overview



Cohesity Data Protection
Overview

[Diagram labels: View; Protection Policy, Protection Group, Protection Runs; Data, Metadata, Index; Deduplication, Compression, Encryption; Archive (Long-term Retention, Tape); Replication (Disaster Recovery); Cohesity Helios, Data Center | Edge | Public Cloud]

Views are not protected by default
Data Protection
Protection Group

Views added to the same Protection Group must be associated with the same Storage Domain



Demo
1 Create a Protection Group
2 Select View to protect
3 Monitor the status of the Protection Run
4 Review the Protection Run


Recovery
Files & Folders



Recovery
Recover Files and Folders

File & Folder Recovery

• Search
• Browse
• Snapshot Self-service


The Search Files and Folders option requires indexing
Recovery
Snapshots Self-Service

• The Snapshots Self Service option enables users to recover files and folders from the Windows and Linux client machines
  • Users can copy/restore files or folders that may have been accidentally deleted or corrupted.
• Enable Snapshot Self-Service when you create Views
  • Supported for SMB and NFS
  • The View must be protected
• A hidden .snapshot directory is created for NFS Views, and a ~snapshot folder is created for SMB Views
  • The backup snapshots are listed in the hidden directory
  • You can customize the name of the directory (ensure that it is a unique name).


Recovery
Snapshots Self-Service

• The Snapshot Self-service folder/directory is hidden
  • Show hidden files/folders to view the ~snapshot folder*
• Each folder timestamp represents a Snapshot/Protection Run
• Select a timestamp (Protection Run) from which files or folders need to be restored and copy the required files or folders.

*The Snapshot Self-Service directory is .snapshot for NFS
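
The Snapshot Self-Service steps above, scripted for a client that has the View mounted. This is an added example, not Cohesity code: it lists every snapshot copy of a file, picks the newest one that differs from the live (deleted or corrupted) file, and restores it to a separate folder. The timestamp folder names, the file names and the demo mount are constructed, and the script assumes snapshot folder names sort chronologically.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path
from typing import List, Optional, Tuple

# Default hidden directory names from the slides: .snapshot (NFS), ~snapshot (SMB).
DEFAULT_SNAPSHOT_DIRS = (".snapshot", "~snapshot")


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def snapshot_root(mount: Path, custom_name: Optional[str] = None) -> Path:
    """Locate the snapshot directory; custom_name covers a renamed directory."""
    names = (custom_name,) if custom_name else DEFAULT_SNAPSHOT_DIRS
    for name in names:
        candidate = mount / name
        if candidate.is_dir():
            return candidate
    raise FileNotFoundError(f"no snapshot directory under {mount} (tried {names})")


def list_versions(mount: Path, relative: str,
                  custom_name: Optional[str] = None) -> List[Tuple[str, str]]:
    """(snapshot folder, SHA-256) for each snapshot holding the file, oldest first."""
    root = snapshot_root(mount, custom_name)
    versions = []
    for snap in sorted((p for p in root.iterdir() if p.is_dir()), key=lambda p: p.name):
        candidate = snap / relative
        if candidate.is_file():
            versions.append((snap.name, sha256_of(candidate)))
    return versions


def newest_differing_version(mount: Path, relative: str,
                             custom_name: Optional[str] = None) -> Optional[str]:
    """Newest snapshot whose copy differs from the live file.

    A missing live file (accidental delete) differs from every copy, so the
    newest snapshot that still holds the file is returned.
    """
    live = mount / relative
    live_hash = sha256_of(live) if live.is_file() else None
    for name, digest in reversed(list_versions(mount, relative, custom_name)):
        if digest != live_hash:
            return name
    return None


def restore_copy(mount: Path, relative: str, snapshot: str, dest_dir: Path,
                 custom_name: Optional[str] = None) -> Path:
    """Copy one snapshot version next to, not over, the live data and verify it."""
    source = snapshot_root(mount, custom_name) / snapshot / relative
    dest_dir.mkdir(parents=True, exist_ok=True)
    target = dest_dir / f"{snapshot}_{Path(relative).name}"
    shutil.copy2(source, target)
    if sha256_of(target) != sha256_of(source):
        raise IOError("restored copy does not match the snapshot copy")
    return target


def build_demo_mount() -> Path:
    """Constructed stand-in for a mounted NFS View with three Protection Runs."""
    mount = Path(tempfile.mkdtemp(prefix="view_mount_"))
    contents = {
        "2022-03-01_0100": b"budget v1\n",
        "2022-03-02_0100": b"budget v2\n",
        "2022-03-03_0100": b"\x00corrupted\x00",   # run taken after the damage
    }
    for snap, data in contents.items():
        folder = mount / ".snapshot" / snap / "finance"
        folder.mkdir(parents=True)
        (folder / "budget.txt").write_bytes(data)
    (mount / "finance").mkdir()
    (mount / "finance" / "budget.txt").write_bytes(b"\x00corrupted\x00")
    return mount


if __name__ == "__main__":
    demo = build_demo_mount()
    pick = newest_differing_version(demo, "finance/budget.txt")
    print("restore from:", pick)
    print("restored to:", restore_copy(demo, "finance/budget.txt", pick, demo / "restored"))
```

The hash comparison only shows that a snapshot copy differs from the live file; confirm the restored content before replacing the original.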


Demo
1 Recover a file by search
2 Review the recovery task pulse log
3 Browse contents of a View
4 Recover from Windows using Snapshot Self-service


View Cloning



Cloning
Overview

[Diagram labels: View; Clone View; View data; Reference; Cohesity cluster]

Cloning a View makes the existing data in the original View available through the clone View


Cloning
Configuration Workflow

• When cloning, the active current status of the view is cloned by default
• You can also clone a View from previous state by cloning it from a View Protection Run
• Cloning a View from a ‘CLEAN’ Protection Run can be a very efficient approach when recovering from a Ransomware attack
  • You can later mount the cloned View on client side then delete the old View once you verify that the clone View is clean, and all the data required is accessible.


Demo
1 Clone a View
2 Review the cloning task pulse log
3 Access data on the clone View


Cloning
Clone Directory Contents

• You can recursively clone (copy) the contents of a directory in a View to new directory in the same View or a different View using the view clone-directory Cohesity CLI command*.

iris_cli view clone-directory destination-directory-name=Dest destination-directory-path=/ViewDest source-directory-path=/ViewSrc/test

• Maximum number of files in the source hierarchy that can be atomically cloned together is 8192.

*Accessing Cohesity CLI will be covered in a later module


Cloning
Overwrite a View

• Use the Cohesity CLI view overwrite command to overwrite a View with the contents of another View in the same Cohesity cluster.

iris_cli view overwrite source-view-name=<view1> target-view-name=<view2>

• This is useful if you want to maintain a read/write View on a remote Cohesity cluster and update it after every replication task

[Diagram labels: View A, View B]


Discussion

Question: Views get automatically protected when created?

A. True
B. False




Discussion

Question: What are the two data recovery options that are possible after protecting a Cohesity View? (Choose two)

A. Recover an entire View from the Recovery UI page
B. Recover a file by browsing the View content
C. Create a View clone from a Protection Run
D. Recover a file directly to a View from the Recovery UI page




Discussion

Question: What is true about View clones?

A. The clone gets automatically updated if new data gets written to the original View
B. The clone gets automatically updated only if an admin applies quota to the original View
C. The clone View is completely independent
D. The clone View gets deleted when the original View is deleted




Long-Term Retention
and Disaster Recovery
Module 5



Disaster Recovery and Long-Term Retention
Overview

CloudArchive
• Transfer a copy of your data to an external storage and recover the data when needed using those copies.
  • Data can be recovered to an alternate cluster using CloudRetrieve
• Retain data to cheaper storage and meet regulatory and compliance requirements.

Replication
• Replicate a copy of your data to remote Cohesity clusters and recover the data when needed using those copies.
• Site-site Replication between multiple Cohesity clusters over large geographical distances.


CloudArchive



CloudArchive
Overview

LONG-TERM DATA RETENTION
• Retain data to cheaper storage and meet regulatory and compliance requirements
• Easily scales up to petabytes of storage

LOWER TCO
• Policy-driven archival to warm & cold storage tiers
• Deduplication and compression cuts cloud storage and transfer costs

GRANULAR RECOVERY
• Granular level recovery with file metadata stored on-premises and in the cloud
• Recover to same source or to a new storage

DATA MIGRATION
• Easily migrate large datasets from one data center to another or to cloud
• Use cloud as your disaster recovery site
CloudArchive
Overview

[Diagram: after the local backup (Data Protection of a View on Cohesity Helios, Data Center), an Archive task sends Data, Metadata and Index to an External Target; a Tape Library (via QStar) is shown as one target]


CloudArchive
Incremental With Full Archives

• First archive is always a full archive (if dedupe enabled, archive is a reference archive)
• Incremental archives only transfer changed data
• Archives are deduplicated together in the external target independently from local backups
• By default, a full archive will be sent to the external target every 90 days.

Snapshots (Source Cluster) | CloudArchive (External Target) | Dedupe
A B C D | Full: A B C D | abc def def jkl
A B C D’ | Incremental: A B C D’ | jkl
A’ B C’ D | Incremental: A’ B C’ D | abc def
A’ B’ C’ D’ | Incremental: A’ B’ C’ D’ | def jkl
A’ B’ C’’ D’ | Full: A’ B’ C’’ D’ | abc def def jkl

Deduplication occurs within each archive and across subsequent archives


CloudArchive
Incremental With Full Archives

Day 0: Full Archive (Reference Archive)
Day 1: Incremental, dependent on Day 0
Day 2: Incremental, dependent on day 1
...
Day 89: Incremental, dependent on day 88
Day 90: Full Archive. Compared to last Reference Archive, are data changes > 50%?
• No: the Day 90 Full Archive is dependent on Day 0; the Day 91 Incremental is dependent on day 90
• Yes: the Day 90 Full Archive is a (New) Reference Archive; the Day 91 Incremental is dependent on day 90
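
The dependency flow above determines which archives must still exist on the External Target before a given day can be restored. The following added example (not Cohesity code) models that flow and computes the restore chain for any day, plus the days that would become unrestorable if one archive were removed. The change fraction is a plain input because the slide does not say how it is measured, and making a later non-reference full archive depend on the most recent reference is an assumption that generalizes the Day 90 case shown.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

FULL_INTERVAL_DAYS = 90      # slide: a full archive is sent every 90 days by default
REFERENCE_THRESHOLD = 0.50   # slide: "are data changes > 50%?"


@dataclass(frozen=True)
class Archive:
    day: int
    kind: str                  # "reference", "full" or "incremental"
    depends_on: Optional[int]  # day of the archive this one builds on


def plan_archives(last_day: int, change_at_full: Dict[int, float]) -> List[Archive]:
    """One archive per day from Day 0 to last_day, following the slide's flow.

    change_at_full maps the day of a scheduled full archive to the fraction
    of data changed since the last reference archive (assumed input).
    """
    plan: List[Archive] = []
    reference_day = 0
    for day in range(last_day + 1):
        if day == 0:
            plan.append(Archive(day, "reference", None))
        elif day % FULL_INTERVAL_DAYS == 0:
            if change_at_full.get(day, 0.0) > REFERENCE_THRESHOLD:
                reference_day = day
                plan.append(Archive(day, "reference", None))
            else:
                # Assumption: depends on the most recent reference archive
                # (the slide only shows Day 90 depending on Day 0).
                plan.append(Archive(day, "full", reference_day))
        else:
            plan.append(Archive(day, "incremental", day - 1))
    return plan


def restore_chain(plan: List[Archive], day: int) -> List[int]:
    """Days of every archive needed to restore `day`, oldest first."""
    by_day = {a.day: a for a in plan}
    chain: List[int] = []
    current: Optional[int] = day
    while current is not None:
        chain.append(current)
        current = by_day[current].depends_on
    return chain[::-1]


def broken_by_removing(plan: List[Archive], day: int) -> List[int]:
    """Days that can no longer be restored if the archive of `day` is removed."""
    return [a.day for a in plan
            if a.day != day and day in restore_chain(plan, a.day)]


if __name__ == "__main__":
    small_change = plan_archives(91, {90: 0.20})   # constructed: 20% changed
    large_change = plan_archives(91, {90: 0.65})   # constructed: 65% changed
    print("Day 91 chain, 20% change:", restore_chain(small_change, 91))
    print("Day 91 chain, 65% change:", restore_chain(large_change, 91))
    print("Days lost without Day 0 (20% change):",
          len(broken_by_removing(small_change, 0)))
```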



Cloud Archive
Tape Archival Through QStar

The archival to tape is achieved via integration with a 3rd party software provided by QStar technologies.

• Compression and encryption are enabled by default
• Full archival only.
• File Level Recovery (FLR) not supported.
• Recovery supported to original cluster.
• Recovery from tapes to alternate cluster (CloudRetrieve use case) not supported.
• QStar uses port 18082 for communication with Cohesity.


Cloud Archive
Seeding Appliances*

• Seeding appliances are offered by major cloud providers as an option for customers to use an offline migration method for moving data into the cloud.
• Cohesity supports all three (Azure, AWS and GCP) seeding appliances when seeding data for CloudArchive
  • Cohesity initially transfers data to the seeding appliance.
  • The seeding appliance is then shipped to the cloud provider and the data migrated into cloud storage objects.
  • Cohesity then reconnects the Protection Job to the archive in the cloud storage object that contains the data (requires assistance from the Cohesity support team).

*Make sure that you work with Cohesity support if you would like to set up a seeding appliance


CloudArchive
CloudArchive V1 Configuration Workflow

Register an External Target as a first step*

*Ensure that you configure the required Permissions for Archival & Retrieval


CloudArchive
CloudArchive V1 Configuration Workflow

Policy (Recurring)
• Enabled at a Policy level
• Enabling Archival at a Policy level applies to Protection Groups associated with the Policy

Protection Run (One-Time Archive / Archive Now)
• Can be applied to an existing Protection Run when editing the Protection Run configuration
• Can be applied when starting an on-demand Protection Run using the “Run Now” GUI option


Demo
1 Register an External Target
2 Create a new Protection Policy and enable Archive
3 Create and run a new Protection Group with Archive
4 Monitor the progress of the Protection Run and the archive task


Demo
1 Register an External Target
2 Enable Cloud Archive at a Protection Run level
3 Monitor the progress of the Protection Run and the Archive task


Cloud Archive
Recovery

Recover archived data from an External Target (View)
• Source cluster: Cohesity Helios (Data Center | Edge | Public Cloud)
• RECOVER FROM EXTERNAL TARGET: Recover entire objects (Views) or individual files or folders to your original cluster.

CloudRetrieve
• New cluster: Cohesity Helios (Data Center | Edge | Public Cloud)
• CLOUDRETRIEVE: Retrieve archived data onto a new cluster.


Cloud Archive
Recovery Configuration Workflow

1 Search by file or folder name or browse.
2 Select the recovery point and the Archive target option to recover the data.


Demo
1 Verify that a View Protection Run/Snapshot was successfully archived to the Cloud
2 Recover a file by search and download the file from a CloudArchive


CloudArchive
Recovery Configuration Workflow - CloudRetrieve

Navigate to Data Protection > CloudRetrieve



Demo
1 Trigger CloudRetrieve
2 Verify that the CloudRetrieve task is finished


Replication



Replication
Overview

[Diagram: View Replication between Cohesity Helios (Data Center) and Cohesity Helios (Data Center | Edge | Public Cloud). Labels: Protection Policy, Protection Group, Protection Runs; Data, Metadata, Index; Deduplication, Compression, Encryption.]

Site-to-site Replication between Cohesity Clusters is possible no matter where the clusters are deployed


Replication
Overview – Configuration Examples

• 1:1 pairing
• Fan Out
• Cross-replication
• Fan In


Replication
Configuration Workflow

1 Establish connection with the remote cluster
2 Configure replication pairing


Replication
Configuration Workflow

Policy (Recurring)
• Enabled at a Policy level
• Enabling Replication at a Policy level applies to Protection Groups associated with the Policy

Protection Run (One-Time Replication)
• Can be applied to an existing Protection Run when editing the Protection Run configuration
• Can be applied when starting an on-demand Protection Run using the “Run Now” GUI option


Replication
Configuration Workflow

Automatically create a read-only View on the remote cluster



Replication
Remote Access

• Set up multi cluster access and manage remote Cohesity clusters from the local Cohesity cluster’s UI.
• Switch to the remote Cohesity cluster (replication partner) by selecting its name from the drop-down list on the top left corner of the Cohesity UI.
• Replication does not require Remote Access


Demo
1 Register a remote cluster for Remote Access and Replication
2 Explore Replication options
3 Edit a Protection Policy to enable Replication
4 Verify replicated Protection Run/Snapshots at the remote cluster B
5 Verify the Read-Only View on the replication target


Discussion

Question
CloudArchive can be used to recover data to an alternate cluster that is different from the original cluster that archived the data.
A. True
B. False




Discussion

Question
What are the options available to configure replication? (Choose two)
A. Enable at a Policy Level
B. Enable at a View Level
C. Enable at a Storage Domain Level
D. Enable at a Protection Run Level




Discussion

Question
What are the supported External Target options for CloudArchive? (Choose two)
A. Azure Hot Blob
B. iSCSI
C. NFS
D. SMB




NAS Data Migration
Module 6



NAS Data Migration
Overview

[Diagram: NAS → Backup → Cohesity Helios (Data Center | Edge | Public Cloud) → Restore NAS backup as a View → Share the View to users]


NAS Data Migration
Workflow

Configure NAS User with appropriate Backup & Restore Permissions

• Register the NAS storage as Source
• Choose Protection Policy
• Configure Backup with Protection Group
• Recover NAS volumes as Cohesity Views


NAS Data Migration
Checklist

✓ Use a service account that is a member of a security group that has access to all files
✓ Add cluster node IP addresses and VIPs to the NFS exports list
✓ Work with support to optimize NAS backup performance using the NAS Gatekeeper gflag
✓ Disable write access to the source to prevent any last-minute file modifications
✓ Take a final backup before recovering the NAS data to a Cohesity View
✓ Enable Browsable Shares after the migration if needed
✓ Change the file category to File Shares after the migration if your use case requires the File Share category
✓ Record permissions and verify after failover
✓ NTFS permissions should be retained but share level permissions must be reconfigured after failover
✓ Permissions will be retained in case of NFS


Demo
1 Register NAS
2 Protect NAS
3 Verify NAS protection


Demo
1 Recover protected NAS volume to a View
2 Access data on the View


Discussion

Question
What is true about recovering protected NAS data to a Cohesity View? (Choose two)
A. File and folder permissions are retained
B. File and folder permissions are not retained
C. The workflow is only supported for NFS
D. The workflow is only supported for SMB


Discussion

Question
What is true about recovering protected NAS data to a Cohesity View? (Choose two)
A. File and folder permissions are retained
B. File and folder permissions are not retained
C. The workflow is only supported for NFS and SMB
D. The workflow is only supported for SMB


External NAS Data Tiering
Module 7



External NAS Data Tiering
Overview

[Diagram: Primary NAS Storage (Hot files, Cold files, Stub files) and Cohesity Helios (Data Center), with numbered steps 1 to 3.]

• Cold/Unused files are downtiered
• Uptier files when needed
• User requests are redirected to Cohesity to access the cold files that have been downtiered


External NAS Data Tiering
Overview

• Cold data is periodically moved from the NAS primary storage to Cohesity based on a tiering policy
• Tiering policy (downtiering and uptiering) is based on various parameters, such as:
  • The last time the file was accessed
  • The last time the file was modified
  • The size of the file
  • File filtering based on the file type


External NAS Data Tiering
Configuration Workflow

Allow cluster node IP addresses to access the NAS storage (e.g., add to exports in case of NFS)

• Register the NAS storage as Source (Generic NAS)
• Analyze data on the source
• Plan Tiering
• Create a Downtiering Job


Demo
1 Register a NAS Source
2 Explore External NAS Tiering Configuration Options
3 Trigger External NAS Tiering
4 Verify External NAS Tiering
5 Configure and Verify Uptiering


Discussion

Question
All files will be automatically downtiered to Cohesity from the NAS storage when configuring External NAS Tiering.
A. True
B. False




CloudTier
Module 8



CloudTier*
Overview

*CloudTier moves data (does not copy)



CloudTier
Overview

• Enables an additional storage tier where cold data can be stored
• Utilize low-cost cloud storage for rarely used and inactive data
• Enable CloudTier to move rarely used and inactive data to the cloud when HDD used capacity exceeds a set threshold (typically 80%).
• Down-tiered data is always compressed in addition to being encrypted.
• Data movement is managed automatically by the cluster and happens at block-level (cluster’s chunk-level).
• Once data is down-tiered, I/O operations for the down-tiered data are serviced directly from the External Target.
• Once enabled, CloudTier cannot be disabled*.
• Only CloudTier data that doesn't have low latency requirements.

*Verify with your Cohesity account team if your use case requires enabling CloudTier


CloudTier
Key Terms

Cold Data
• Data that has not been accessed (read or written) within the defined data policy age (data that “violates” the data policy)

Warm Data
• Data that has been accessed (or newly written) within the defined data policy age (data that does not “violate” the data policy)

Hot Data
• Data in the external target that is profiled to have been read/written sufficient times as to qualify to be up-tiered back to the cluster

Data Policy
• Age of data based on time (in seconds) since last accessed, before being eligible for tiering (default is 60 days, configurable)

Threshold
• % of capacity (cluster or physical quota) consumed before data will be tiered to the external target (default is 80%, configurable)

Up/Down Tiering
• The process of moving data between tiers of storage within Helios and external target.


CloudTier
CloudTier VS. CloudArchive

Definition
• CloudTier: The process of moving inactive or infrequently accessed data (cold data) to an External Target while retaining the metadata on the cluster.
• CloudArchive: The process of moving a fully self-contained copy of a backup, with data, metadata, and indexing fingerprint.

Business need
• CloudTier: To reduce TCO
• CloudArchive: Long-term retention, security, compliance

Trigger
• CloudTier: Tiering threshold
• CloudArchive: Protection Policy schedule

Granularity
• CloudTier: Storage Domain
• CloudArchive: Protection Group

Space reclamation
• CloudTier: Remains until/unless the user explicitly deletes the data.
• CloudArchive: Automatic garbage collection, based on the retention period that is defined in the Protection Policy.

Limits
• CloudTier: There are limits to the amount of data that can be tiered to an External Target. These limits are governed by the size of the cluster and other factors.
• CloudArchive: NA


CloudTier
Internal Workflow

• The tiering of cold data to an External Target is based on a policy with two factors: tiering threshold and data policy.
• Tiering happens only if utilization exceeds the tiering threshold and there are data blocks that meet the data policy:
  • Tiering threshold: The percentage of space utilization that is set to trigger the tiering of cold data (default 80%, configurable)
  • Data policy: Specifies the duration of time that the data must be inactive for it to be eligible for tiering (default 60 days, configurable)
• The tiering threshold and data policy can be set on the Cohesity cluster, or on an individual Storage Domain, or both.
• When set on the cluster, all Storage Domains inherit the setting. When set on an individual Storage Domain, it is not applied to any other Storage Domains.
• Down-tiering process continues until the space utilization has returned to the tiering threshold, or until there is no more eligible cold data.
• Once many I/O requests for the same data occur within a short period of time, the down-tiered data is considered “hot” and is up-tiered back onto the cluster.


CloudTier
Internal Workflow – Downtiering Algorithm

[Flowchart]
• Storage Utilization is scanned periodically
• Utilization threshold exceeded? (NO / YES)
• Data Policy met? (NO / YES)
• Down-tier data
• Above threshold and data policy? (NO / YES)
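The down-tiering decision described in the two Internal Workflow slides, modelled as an added example (this is not Cohesity code). The Block type, the sample data and the coldest-first ordering are assumptions; the 80% threshold and 60-day data policy are the defaults stated on the slides.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

const day = 24 * time.Hour

// Block is a constructed stand-in for one chunk of cluster data.
type Block struct {
	ID         string
	SizeGiB    float64
	LastAccess time.Time
}

// TierConfig carries the two policy factors named on the slides.
type TierConfig struct {
	ThresholdPct float64       // tiering threshold, default 80
	DataPolicy   time.Duration // inactivity before data counts as cold, default 60 days
}

// DefaultConfig returns the defaults stated on the slides.
func DefaultConfig() TierConfig {
	return TierConfig{ThresholdPct: 80, DataPolicy: 60 * day}
}

// DownTier performs one scan. It returns the IDs moved to the External Target
// and the utilization (percent) left on the cluster afterwards.
func DownTier(capacityGiB float64, blocks []Block, cfg TierConfig, now time.Time) ([]string, float64) {
	used := 0.0
	for _, b := range blocks {
		used += b.SizeGiB
	}
	util := func() float64 { return used * 100 / capacityGiB }
	if util() <= cfg.ThresholdPct {
		return nil, util() // threshold not exceeded: nothing moves, however cold
	}
	var cold []Block
	for _, b := range blocks {
		if now.Sub(b.LastAccess) >= cfg.DataPolicy {
			cold = append(cold, b)
		}
	}
	// Assumption: the coldest data goes first; the slides do not state an order.
	sort.Slice(cold, func(i, j int) bool { return cold[i].LastAccess.Before(cold[j].LastAccess) })
	var moved []string
	for _, b := range cold {
		if util() <= cfg.ThresholdPct {
			break // utilization has returned to the threshold
		}
		used -= b.SizeGiB
		moved = append(moved, b.ID)
	}
	return moved, util() // can still exceed the threshold if cold data ran out
}

// SampleBlocks builds constructed data: 90 GiB in total, 70 GiB of it cold.
func SampleBlocks(now time.Time) []Block {
	return []Block{
		{"a", 30, now.Add(-200 * day)},
		{"b", 30, now.Add(-90 * day)},
		{"c", 20, now.Add(-10 * day)},
		{"d", 10, now.Add(-70 * day)},
	}
}

func main() {
	now := time.Date(2022, 6, 1, 0, 0, 0, 0, time.UTC)
	for _, capacity := range []float64{100, 200} {
		moved, util := DownTier(capacity, SampleBlocks(now), DefaultConfig(), now)
		fmt.Printf("capacity %.0f GiB: moved %v, utilization now %.0f%%\n", capacity, moved, util)
	}
}
```

The 200 GiB case shows why cold data alone does not trigger tiering: 70 GiB is past the data policy, but at 45% utilization nothing moves.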


Demo
1 Register a CloudTier External Target
2 Review Cluster Threshold
3 Enable CloudTier at a Storage Domain Level


CloudTier
Cluster VS. Storage Domain-level thresholds

• The Storage Domain-level CloudTier threshold can be set only if a Physical Quota is enabled for the Storage Domain
• The cluster threshold can only be overridden by a Storage Domain if a Physical Quota is set on that Storage Domain
• Storage Domain thresholds take precedence over cluster thresholds


CloudTier
Impact of Fault Tolerance on Downtiered Data

Provider, Class of Storage: Fault Tolerance

AWS
• S3 Standard: RF1
• S3 Intelligent-Tiering: RF1
• S3 Gov: RF1
• S3 C2S: RF1

Azure
• Hot Blob - Standard: RF1
• Hot Blob - Gov: RF1

GCP
• Standard: RF1

Oracle
• Object Storage: Mirrors Storage Domain

Other External Targets
• S3 Compatible: Mirrors Storage Domain

*Note that each cloud vendor storage option comes with its own storage redundancy (and can be configured from the cloud side)


Discussion

Question
CloudTier can be used for disaster recovery use cases.
A. True
B. False




Security
Module 9

Check out our Data Security Administration Class for a deeper dive into the platform security!


Security
Encryption



Encryption
Data-At-Rest



At Rest – Encryption
Overview

• Software-based (HW accelerated) Encryption
• Uses AES 256 CBC standard
• Transparent
• Resilient
• Federal Information Processing Standards (FIPS) 140-2 certified


Cluster Encryption
At Rest (Cluster) – Scope

• Cluster Data Encryption
  • Enabled on Cluster level at install or per Storage Domain.
  • Once enabled, it cannot be disabled.
• Cluster Metadata Encryption (6.6)
  • Enabled only at Cluster Install.
  • Once enabled, cannot be disabled.
• External Target Storage Domain Encryption
  • CloudTier: Permanently enabled by default
  • CloudArchive: Configurable

[Diagram legend: Storage Domain, Unencrypted Data, Encrypted Data]


At Rest (Cluster) – Keys

• Generated for each Storage Domain and External Target.
• DEK (Data Encryption Key)
  • Used to encrypt/decrypt data.
  • Never stored in plain text or exposed. Stored as an EDEK.
  • Used for the lifetime of the data.
  • Created by Internal KMS*.
• KEK (Key Encryption Key)
  • Used to encrypt the DEK
  • Can be stored by an Internal KMS or an External KMS for each Storage Domain.
  • Rotated Every 90 Days by default.
  • Created by internal or external KMS.

*External Key Manager can also be configured
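The DEK/KEK hierarchy on the Keys slide, worked through as an added example (not Cohesity code): the DEK is kept only as an EDEK, and a KEK rotation re-wraps the DEK while the stored data stays untouched. Data uses AES-256-CBC as the slides state; wrapping the DEK with AES-256-GCM, the function names and the sample record are assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// randomBytes returns n bytes from the OS CSPRNG (used for keys, nonces and IVs).
func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// gcmFor builds AES-256-GCM for key wrapping (assumed; the slides name no wrapping mode).
func gcmFor(kek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// wrapDEK returns the EDEK: nonce || GCM-sealed DEK under the KEK.
func wrapDEK(kek, dek []byte) ([]byte, error) {
	gcm, err := gcmFor(kek)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, dek, nil), nil
}

// unwrapDEK recovers the DEK; it fails on a wrong KEK or a modified EDEK.
func unwrapDEK(kek, edek []byte) ([]byte, error) {
	gcm, err := gcmFor(kek)
	if err != nil || len(edek) < gcm.NonceSize() {
		return nil, errors.New("bad KEK or EDEK length")
	}
	n := gcm.NonceSize()
	return gcm.Open(nil, edek[:n], edek[n:], nil)
}

// encryptData uses AES-256-CBC, the mode named on the slide, and returns IV || ciphertext.
func encryptData(dek, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	pad := aes.BlockSize - len(plaintext)%aes.BlockSize // PKCS#7 padding
	padded := append(append([]byte{}, plaintext...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	iv, ct := randomBytes(aes.BlockSize), make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	return append(iv, ct...), nil
}

// decryptData reverses encryptData and validates the padding.
func decryptData(dek, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(dek)
	if err != nil || len(data) < 2*aes.BlockSize || len(data)%aes.BlockSize != 0 {
		return nil, errors.New("bad key or ciphertext length")
	}
	pt := make([]byte, len(data)-aes.BlockSize)
	cipher.NewCBCDecrypter(block, data[:aes.BlockSize]).CryptBlocks(pt, data[aes.BlockSize:])
	pad := int(pt[len(pt)-1])
	if pad < 1 || pad > aes.BlockSize || !bytes.HasSuffix(pt, bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, errors.New("bad padding")
	}
	return pt[:len(pt)-pad], nil
}

// rotateKEK re-wraps the same DEK under a new KEK; stored data is not re-encrypted.
func rotateKEK(oldKEK, newKEK, edek []byte) ([]byte, error) {
	dek, err := unwrapDEK(oldKEK, edek)
	if err != nil {
		return nil, err
	}
	return wrapDEK(newKEK, dek)
}

func main() {
	kek1, kek2, dek := randomBytes(32), randomBytes(32), randomBytes(32)
	edek1, _ := wrapDEK(kek1, dek)
	ct, _ := encryptData(dek, []byte("constructed sample record"))
	edek2, _ := rotateKEK(kek1, kek2, edek1) // KEK rotation
	d, _ := unwrapDEK(kek2, edek2)
	pt, _ := decryptData(d, ct)
	_, oldErr := unwrapDEK(kek1, edek2)
	fmt.Printf("data after rotation: %q; old KEK rejected: %v\n", pt, oldErr != nil)
}
```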
Encryption
Data-In-Flight



In-flight Traffic

1. Sources to Cohesity Cluster for Backup/Recovery
2. Cohesity Cluster to External Target
3. Cohesity Cluster to Cohesity Cluster Replication
4. Cohesity UI
   1. IPMI
   2. Cluster Dashboard
   3. Helios Management Dashboard

[Diagram: the numbered paths 1 to 4 drawn between Sources (NAS storage), Cohesity Helios (Data Center), an External Target, and a replication Cohesity Helios cluster (Data Center | Edge | Public Cloud).]


In-flight – Backup Views: API-Based Backup/Recovery: NAS

• Protects SMB or NFS volumes where encryption is enforced by NAS source.
• Encrypts backup traffic between the NAS storage and Cohesity.
• Can be enabled by toggling on the Encryption button within the NAS Protection Group configuration.
• Supported with all NAS protection types.

Note: For NFS volumes, you must add the Active Directory as the Kerberos server to the Cohesity cluster. Cohesity supports only Active Directory-based Kerberos authentication.


Security
Data and Management Access Control



Management and Data Access Control
RBAC for Management Access



RBAC for Management Access
Overview



RBAC for Management Access
Overview

User & Group Management

Helios SaaS
• Super Admin
• Users, groups & roles
• MFA
• SSO
• Quorum approvals

Individual cluster: Cohesity UI
• Admin
• Users, groups & roles
• SSO
• Identity sources integration
• MFA (local users)
• IPMI*

Individual cluster: OS and hardware
• Support
• Cohesity_console
• IPMI*

*IPMI user management is at physical cluster node level


RBAC for Management Access
Default Roles

Restricts system access based on users’ role by creating custom users and roles

Default Role: Description
• Admin: Full access to all actions
• Operator: Run existing Protection Groups and trigger Recovery Tasks
• Viewer: Read-only access for all UI workflows
• Self Service Data Protection: Viewer role privileges with the ability to manage clones and Protection Groups, Policies, and creation of Recovery Tasks
• SMB Security: Grants SMB role privileges
• Data Security: Viewer role privileges and can create DataLock Views and set DataLock expiration dates.


Demo
1 Create new custom role
2 Create a new local user and assign a role
3 Login to the cluster with the new local user


Management and Data Access Control
Active Directory Integration



Active Directory Integration
Overview

You can optionally join a Cohesity Cluster to one or more Active Directory (AD) domains.

✓ AD users and groups can be assigned Cohesity roles for management
✓ Views authentication will be based on Active Directory credentials
✓ Kerberos authentication is the default authentication protocol
✓ NTLM authentication (NTLM version is determined by AD*) will be used if you access a View or a cluster using an IP address; however, Kerberos authentication will always be used if the cluster has joined more than one domain
✓ By default (but can be changed in the UI), Cohesity uses the cluster name as the Machine Account Name and creates the Computer Object on the Active Directory with the same name as the Machine Account Name**.
✓ Cohesity also supports AD trusts

*Cohesity supports NTLM version 2
**New computer accounts or SPN need to be created when creating new VIPs with FQDN.


Demo
1 Join Cluster to an Active Directory Domain
2 Add an Active Directory user
3 Login as an AD user


Management and Data Access Control
Additional Security



Management & Data Access Control
Single Sign-On & MFA (for Management Access)

Additional Security for management access*

• Access Management > SSO
• Access Management > MFA

See Manage SSO, MFA for local users, Support user and MFA for Helios SaaS

*Applicable for Helios SaaS Management and individual clusters


Management and Data Access Control
File and Object Storage Access Control


File and Object Storage Access Control
Restrict Access to Data (External Views)

[Diagram: Servers/apps, Users and Data Sources are blocked (X) from Read/Write access over NFS/SMB/S3/Swift to a Cohesity View in a Storage Domain on Cohesity Helios (Data Center | Edge | Public Cloud).]

External hosts cannot access or mount Cohesity Views unless the IP addresses are added to an allow list


File & Object Storage Access Control
Allowlists

Cohesity supports three types of Allowlists:

• Global Allowlist - Applies to all Views, unless an IP address or a subnet is listed in a View allowlist.
• View Allowlist - Applies to a single View
• Share Allowlist (SMB and S3 only) - Applies to a single Share (folders and subfolders in a Cohesity View)

Global Allowlists don’t follow the rule of least privilege; therefore, it’s recommended to set allowlists at a View level


File & Object Storage Access Control
Global Allowlists



File & Object Storage Access Control
View-Level Allowlists



File & Object Storage Access Control
Share-Level Allowlists

View (root share): CIFS-FileShare

Share: IT Department

Share: Operations

Apply allowlists and permissions at a nested share level



File & Object Storage Access Control
File Filtering

Allow or block specific file types to be written to a View



Demo
1 Global Allowlist
2 View Allowlist
3 Share Allowlist


File & Object Storage Access Control
Integration with Identity Sources

Aside from Allowlists, the Cohesity Cluster provides secure controlled access to file and object
storage by integrating with various identity sources

• Active Directory

• LDAP (Lightweight Directory Access Protocol)

• Kerberos

• NIS (Network Information Services)

• Keystone



NFS
File & Object Storage – Access Control



File & Object Storage Access Control
NFS

[Diagram: Servers/apps and Users have Read/Write access over NFS 3.0 – NFS 4.1 to a Cohesity View in a Storage Domain on Cohesity Helios (Data Center | Edge | Public Cloud). Labels: Kerberos (MIT or AD), LDAP.]

External hosts cannot access or mount Cohesity Views unless the IP addresses are added to an allow list

*NIS can be used for authentication


File & Object Storage Access Control
NFS - Security


File & Object Storage Access Control
NFS – Additional Security Options

Kerberos authentication requires an authentication provider (e.g., LDAP or NIS)

Refer to the LDAP and NIS configuration for more details on integrating NAS Views with Identity Sources


Demo
1 View NFS security settings
2 Test NFS security settings


File & Object Storage Access Control
NFS Security Best Practice Tips

Consider the following when exporting NFS file systems to minimize NFS security risks and protect data on Cohesity

✓ Restrict access via View allowlists and select the appropriate NFS Squash option
✓ Configure the NFS server to export file systems explicitly for the users who should have access to it
✓ Allow read-only access or squash user permissions to a common user and group ID, since a malicious or misconfigured client can easily get the UIDs and GIDs (file system permissions) wrong
✓ Add an LDAP provider to the Cohesity cluster to provide access to NFS exports and use Kerberos for authentication (you can map the AD domain to an LDAP provider across SMB and NFS)


CIFS/SMB
File & Object Storage – Access Control



File & Object Storage Access Control
SMB/CIFS

[Diagram: Servers/apps and Users have Read/Write access over SMB 2.x – 3.0 to a Cohesity View in a Storage Domain on Cohesity Helios (Data Center | Edge | Public Cloud). Label: Active Directory.]

External hosts cannot access or mount Cohesity Views unless the IP addresses are added to an allow list


File & Object Storage Access Control
SMB/CIFS – SMB Options


File & Object Storage Access Control
SMB/CIFS – Additional Options



File & Object Storage Access Control
SMB/CIFS - Permissions

Permissions are equivalent to NTFS permissions* in Windows and Share Level Permissions are equivalent to Share Permissions

*Note that you need to manage file/folder NTFS permissions from Windows side


Demo
1 Change Share Level Permissions
2 Verify security options in Windows
3 Change NTFS Permissions
4 Verify security options in Windows


SMB



File & Object Storage Access Control
SMB/CIFS – Super Users



File & Object Storage Access Control
SMB/CIFS – Nested Share Level Permissions



File & Object Storage Access Control
SMB/CIFS – Best Practices

Consider the following when exporting SMB to minimize SMB security risks and protect data on Cohesity

✓ Restrict access via View allowlists
✓ Join the Cohesity cluster to Active Directory for SMB authentication and authorization
✓ Use Encryption for SMB


S3
File & Object Storage – Access Control



File & Object Storage Access Control
S3 - Overview

Cohesity supports:

• S3 server over HTTPS
• Authentication with AWS Signature Version 2 and Version 4.
• AWS ACLs
• Access controlled via allowed subnets.


File & Object Storage Access Control
S3 - Overview

To access a Cohesity S3 View, your IP address should be on an Allowlist and you must provide the cluster Access and Secret Keys.


File & Object Storage Access Control
S3 - Keys

Cluster > Access Management

Select the Admin account

Note: Other non-admin user accounts have S3 keys


File & Object Storage Access Control
S3 - Keys

Cohesity S3 Access Keys

Click Show Key to see Secret Access Key


File & Object Storage Access Control
S3 - Keys

These shortcuts allow you to copy keys to the clipboard, or generate a new key



Demo
1 Access an S3 View
2 View S3 Keys
3 Regenerate the Secret Access Key


S3



Mixed Protocol Views
File & Object Storage – Access Control



File & Object Storage Access Control
Mixed Protocol Views – Configuration Options



File & Object Storage Access Control
Mixed Protocol Views – NFS & SMB ID Mapping

Refer to the Cohesity Identity and Access Management for File Services for further details


Security
DataLock and LegalHold


What is WORM?

WORM stands for Write Once Read Many. WORM technology is used for Data Compliance needs. WORM technology makes written data immutable: it cannot be altered, deleted, or changed in any way.


Data Security – Data Security Role

The DATA SECURITY role is necessary to perform Legal Hold and DataLock operations within Cohesity Helios


DataLock – Legal Hold VS DataLock

Business Need
• LEGAL HOLD: Reactive: Set on a specific Protection Run. Usually prompted by legal requirements.
• DATALOCK: Planned: Can be set on all Protection Runs by applying the DataLock configuration at a Policy level. Can also be applied at a View level. Usually for Compliance requirements.

Expiration Period
• LEGAL HOLD: No Expiration.
• DATALOCK: Defined by Policy or View DataLock configuration

Granularity
• LEGAL HOLD: Protection Run, Object-Level.
• DATALOCK: Protection Run, View level

Deletion
• LEGAL HOLD: Can only be removed by a user with the Data Security role.
• DATALOCK: Cannot be removed before the DataLock Expiration date (not even a user with the Data Security Role can delete it).


DataLock and LegalHold
DataLock



Data Security - Policy DataLock Workflow

[Diagram: DataLock on Protection Runs. Labels: Locked, Retention, Removed; Locked, Lock Expired, Retention.]


Data Security – Policy DataLock Cheat Sheet

• Set on a policy by a user with the Data Security Role.
• A DataLocked Policy can only be modified by someone with the Data Security Role. Making changes to a DataLocked Policy will not affect previous runs.
• A DataLocked Policy’s defined lock period can be scheduled per data target (Local Cluster, Extended Retention, External Target, External Cluster) but must be less than or match the retention period configured for the target.
• When a DataLocked Policy is applied to a Protection Group, previous runs will not be retroactively DataLocked. When an applied DataLocked Policy is modified, the attached Protection Groups’ previously completed runs will not be affected.
• There is no way to unlock a run once locked by a DataLock Policy. The only permissible change is to extend the locked period and can only be done by someone with the Data Security Role.
• There is no way to delete a DataLocked run when locked (i.e., not the objects within the run, the run, or the Protection Group’s snapshots).


File DataLock – Automatic And Manual Lock

[Diagram: DataLock on Views]
• Unlocked: Can be deleted & modified
• Autolock or Manually Lock
• Locked: Lock Period
• Lock Expired: Can be deleted, but not modified

Note: File DataLock is only applicable for NFS and SMB View types.


File DataLock - Override

[Diagram: DataLock on Views]
• Locked: Lock Period
• Override
• Lock Expired: Can be deleted, but not modified


Demo
1 Login to the Cohesity cluster with a user that has a Data Security role
2 Create a View and apply DataLock
3 Verify the DataLock configuration


File DataLock - Clone

DataLock on Views

[Figure: file states on a cloned DataLock View]
• Unlocked: can be deleted & modified
• Locked: for the Lock Period
• Lock Expired: can be deleted, but not modified

Demo
1 Clone a View as a DataLock View
2 Log in with Data Security User
3 Edit Settings of a DataLock View
4 Delete a DataLock View


Data Security – File DataLock: Enterprise vs Compliance

Operations | Enterprise mode | Compliance mode
Permission for the storage admin to delete a view irrespective of the retention policy | Yes | No
Permission for the storage admin to delete files in a view that has not expired | Yes | No
Permission for the storage admin to rename a View | Yes | No
Permission for the storage admin to edit DR view (within DataLock semantics) | Yes | No
Permission for the storage admin to increase the DataLock retention | Yes | No
Sec17-4 compliant | No | Yes


DataLock – File DataLock Cheat Sheet

• Set on an External View by a user with the Data Security Role upon
creation.
• The lock mechanism (automatic, manual, override) and the length of the lock
period (seconds – forever) can be customized.
• There is no way to unlock a DataLocked file. The only permissible change
is to extend the locked period, which can only be done by someone with the
Data Security Role.*
• There is no way to delete a DataLocked file (i.e., not the file, its parent
folder/s or view).*

Compliance: Strict adherence to WORM compliance

*Enterprise: Exceptions for administrators

DataLock and LegalHold
LegalHold

DataLock – Legal Hold

Legal Hold


DataLock – Legal Hold Cheat Sheet

• Data Security role users can put a Legal Hold on existing Runs/Objects.
They cannot be deleted until the Legal Hold is removed.
• Legal Hold can be added to unlocked and DataLocked Runs.
• If you add a legal hold to a Protection Run, it applies to all the objects that
were backed up by that Protection Run, and the Legal Hold is propagated
to replicated and archived objects.
• If you add a Legal Hold only to selected objects in a Protection Run, the
Legal Hold is propagated to archived objects, but not to replicated objects.
You must manage the Legal Hold status on the remote replication Cluster
manually.
• Using Legal Hold for long periods of time may result in the Cluster
running out of space.

Demo
1 Log in to the Cohesity cluster with a user that has a Data Security role
2 Apply Legal Hold
3 Show Legal Hold in place
4 Remove Legal Hold


Security
Accounting - Cluster and File Services Auditing

Accounting
Overview

• The Cohesity cluster records all events and operations occurring on the cluster in the form of
Audit Logs.

• Audit logs contain details about events, such as date and time, category, type, and user.

• Audit logs help you to monitor and analyze the events that occurred and help your
organization to meet IT or regulatory compliance requirements like HIPAA.

• Can help cluster administrators to troubleshoot issues and investigate unauthorized or
suspicious activities.


Accounting
Overview

Accounting is implemented at two levels:


• Cluster-level, where each configuration operation is tracked

• File level, where each file access or change is tracked (for Cohesity NFS and
SMB Views)

Audit Logs Configuration Options*


• Enable or disable the audit logging and control the retention period (default is 90 days)
• Configuration applied to Protection Groups can be viewed from the Audit Trail tab within
the Protection Group page
• Exporting Audit logs to an external syslog server is highly recommended
• Users can view file services audit logs by accessing a file services auditing View via NFS or
SMB

Note: For a list of logged operations, see Cluster Audit Logs and File Services Audit Logs in the Cohesity documentation

*It’s recommended to configure an external Syslog server


Accounting
Cluster Audit Logs

You can download the cluster Audit Logs in CSV format

To view the Cluster Audit Logs, navigate to System > Audit logs from the cluster GUI navigation bar

*It’s recommended to configure an external Syslog server
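
One way to triage a downloaded audit log CSV for the suspicious-activity review mentioned above. This is an added example, not Cohesity code: the column names, timestamp layout, category/type values and the sample rows are all constructed assumptions built around the four fields the slides name (date and time, category, type, user).

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample standing in for a downloaded cluster audit log CSV.
# Column names and the category/type values are assumptions; compare them
# with the header row of a real export before use.
SAMPLE_CSV = """\
Date and Time,Category,Type,User
2022-03-01 09:12:04,View,Create,alice
2022-03-01 09:15:40,Protection Policy,Modify,alice
2022-03-02 02:03:11,View,Delete,svc-backup
2022-03-02 02:03:19,View,Delete,svc-backup
2022-03-02 02:03:27,Protection Group,Delete,svc-backup
2022-03-02 02:04:02,Audit Log Settings,Modify,svc-backup
2022-03-02 10:30:00,User,Login,bob
"""

TIME_FORMAT = "%Y-%m-%d %H:%M:%S"  # assumed timestamp layout
# Hypothetical category names for settings that affect retention or auditing.
SENSITIVE_CATEGORIES = {"Audit Log Settings", "Protection Policy"}


def parse_events(text):
    """Parse the CSV text into a time-ordered list of event dicts."""
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        events.append({
            "time": datetime.strptime(row["Date and Time"].strip(), TIME_FORMAT),
            "category": row["Category"].strip(),
            "type": row["Type"].strip(),
            "user": row["User"].strip(),
        })
    events.sort(key=lambda e: e["time"])
    return events


def delete_bursts(events, threshold=3, window=timedelta(minutes=5)):
    """Return (user, burst_start, count) for each user with at least
    `threshold` Delete events inside a sliding `window` (largest burst only)."""
    by_user = defaultdict(list)
    for e in events:
        if e["type"].lower() == "delete":
            by_user[e["user"]].append(e["time"])
    findings = []
    for user, times in by_user.items():
        start, best = 0, None
        for end in range(len(times)):
            # Shrink the window from the left until it spans <= `window`.
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold and (best is None or count > best[1]):
                best = (times[start], count)
        if best:
            findings.append((user, best[0], best[1]))
    return sorted(findings)


def off_hours_sensitive(events, day_start=7, day_end=19):
    """Return events in SENSITIVE_CATEGORIES logged outside working hours."""
    return [e for e in events
            if e["category"] in SENSITIVE_CATEGORIES
            and not day_start <= e["time"].hour < day_end]


if __name__ == "__main__":
    evts = parse_events(SAMPLE_CSV)
    for user, start, count in delete_bursts(evts):
        print(f"burst: {user} issued {count} deletes starting {start}")
    for e in off_hours_sensitive(evts):
        print(f"off-hours: {e['user']} {e['type']} {e['category']} at {e['time']}")
```

Running the same checks against the copy held on the external syslog server covers the case where the on-cluster retention period has already expired.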


Accounting
File Services Audit Logs

When you enable the Audit Log option for Views, Cohesity Helios
records events occurring on Views

• Unlike the cluster-level audit logs, the logs for Views are not displayed in the Cohesity UI

• The file services audit logs are saved in an internal View called filesystem_audit for NFS
and SMB

• You can access these views using the path COHESITY_AUDIT_VIEW\filesystem_audit

• By default, when you create a View, the Audit Log option is disabled. You must manually
enable it when creating the View or after creation.

Note: The File Services tab in the Audit Log page provides two mount paths for NFS and SMB. You can access those paths to view the audit logs.


Accounting
File Services Audit Logs

Enable Cluster or File Services Audit logs, and change the Log retention period

To view the Cluster Audit Logs, navigate to System > Audit logs from the cluster GUI navigation bar

Accounting
Audit Logs Settings & Retention

Enable or Disable Cluster and File Services Audit Logs, and set the Log Retention Period

Demo
1 View Cluster Audit Logs
2 View File Services Audit Logs


Discussion

Question
What is true about configuring Legal Hold?

A. Can be enabled by cluster local admin user only
B. Can be enabled by a user with a Data Security Role
C. Can be enabled by AD admin user only
D. Can be enabled by any user


Discussion

Question
What is true about enabling Enterprise mode DataLock on a View? (Choose two)

A. The local admin and any user with the Data Security Role can increase the retention
B. Only the user with the Data Security Role can increase the retention
C. Only the admin user can increase the retention
D. A user with the Data Security Role can change the mode to Compliance


Discussion

Question
Only Internal Key Management Server can be used to manage the encryption keys.

A. True
B. False


Discussion

Question
What is the option that can be used to add additional security measures to secure access to Cohesity Views?

A. Join the cluster to a Keystone server
B. Enable MFA
C. Join the cluster to AD domain
D. Enable SSO

Discussion

Question
What is the option that can be used to add additional security measures to secure SMB access to Cohesity Views?

A. Join the cluster to a Keystone server
B. Enable MFA
C. Join the cluster to AD domain
D. Enable SSO


Cohesity Marketplace
Module 10

Cohesity Marketplace
Overview

Cohesity Marketplace
One-Stop Shop for Apps and Integrations

App
A marketplace “app” is a containerized application that you can install on customer/partner-managed Cohesity clusters to
unlock additional value from your data.

Integration
A Cohesity software component that allows Cohesity to integrate with third-party IT infrastructure components, such as
Cisco, Palo Alto Networks, ServiceNow, and PagerDuty.

https://www.cohesity.com/marketplace/


Cohesity Marketplace
Integrations

The New Integrations Published to the Marketplace

Cohesity Marketplace
Apps

• Collection of apps that you can run on a Cohesity cluster
• Cohesity certified apps jointly developed by Cohesity and partners
• Easy, one-click access from Cohesity Helios
• Variety of use-cases

Each app has its own licensing details


Cohesity Marketplace
Why run Apps on Cohesity?

• Traditionally, you need to have another data silo for use cases such as:
  • Analytics
  • Antivirus
  • Auditing and Compliance
• Cohesity Marketplace Apps runs on the same unified and secure Platform

[Figure: platform layers]
• Cohesity Marketplace Apps
• Cohesity Helios Management
• DataPlatform powered by SpanFS®


Cohesity Marketplace
1 Navigate to the Cohesity Marketplace
2 Show Apps
3 Show integrations


Cohesity Marketplace Apps
Requirements

Cohesity Marketplace Apps
Requirements - Overview

• Cohesity uses a Kubernetes-based platform for the apps

• The cluster assigns unique IP addresses through a standard Kubernetes model from an admin-configured private network

• Apps need a /16 private IPv4 subnet (until 6.5.1x) and a /20
private IPv4 subnet (from 6.6)

• Apps can communicate with external hosts outside a cluster using NAT
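
A pre-flight check for a candidate apps network before it is entered on the cluster, built on the subnet sizes listed above. This is an added example, not Cohesity tooling. It assumes that "private" means RFC 1918, that a network larger than the listed prefix is acceptable, and that the apps network should not overlap networks already in use (apps reach external hosts through NAT, so an overlapping range would shadow real hosts). The sample in-use networks are constructed.

```python
import ipaddress

# RFC 1918 ranges. Reading "private IPv4 subnet" as RFC 1918 is an assumption.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def required_prefix(cluster_version):
    """Prefix length the slide lists for a release:
    /16 until 6.5.1x, /20 from 6.6."""
    major, minor = (int(p) for p in cluster_version.split(".")[:2])
    return 20 if (major, minor) >= (6, 6) else 16


def validate_apps_subnet(cidr, cluster_version, networks_in_use):
    """Return a list of problems with `cidr` as the apps private network.
    An empty list means the candidate passed every check."""
    try:
        # strict=True rejects values such as 172.20.0.1/20 (host bits set).
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        return [f"{cidr}: not a valid network ({exc})"]
    if net.version != 4:
        return [f"{cidr}: apps network must be IPv4"]

    problems = []
    if not any(net.subnet_of(r) for r in RFC1918):
        problems.append(f"{cidr}: not inside an RFC 1918 private range")

    need = required_prefix(cluster_version)
    if net.prefixlen > need:
        problems.append(
            f"{cidr}: /{net.prefixlen} is smaller than the /{need} "
            f"needed on {cluster_version}")

    # Node IPs, VIPs and client networks must stay reachable from the apps.
    for used in networks_in_use:
        other = ipaddress.ip_network(used, strict=False)
        if other.version == 4 and net.overlaps(other):
            problems.append(f"{cidr}: overlaps in-use network {other}")
    return problems


if __name__ == "__main__":
    # Constructed example networks for node VIPs and node IP addresses.
    in_use = ["10.1.1.0/24", "10.3.3.0/24"]
    for candidate, version in [("172.20.0.0/20", "6.6"),
                               ("172.20.0.0/20", "6.5.1"),
                               ("10.1.0.0/16", "6.5.1")]:
        result = validate_apps_subnet(candidate, version, in_use)
        print(candidate, version, result or "OK")
```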



Cohesity Marketplace Apps
Requirements - Sizing Guidelines*

• Enabling apps management requires each cluster node to have a minimum of 12 CPUs and 55 GB RAM

• Each node reserves 12% of resources for Apps
  • 8 % reservation + 4% overcommit

• Apps can be run with different levels of QoS policies as depicted in the table

QoS Policy | % of resources available from the "reserved" 12% per node
Low | 10
Medium | 25
High | 50
Max (Available for 6.5.1 and later) | 90

*Ensure that you review the sizing with your account team if you are planning to install Apps on any of your clusters


Cohesity Marketplace Apps
Install Apps

1 Configure Apps network and enable Apps at the cluster level
2 Download the app through Helios SaaS
3 Install the App through Helios SaaS*
4 Configure QoS and launch the app
5 Access the app through its interface

*You can also manually upload the app package to the cluster. Useful approach for dark sites

Demo
1 Configure the Apps private network
2 Enable Apps at cluster level


Cohesity Marketplace Apps
ClamAV

Cohesity Marketplace Apps
ClamAV – Overview (without Antivirus App Integration*)

[Figure: User accessing NAS data that is scanned by remote antivirus servers]
• Data stored on NAS
• Antivirus scan request
• Data moved to be scanned
• Remote servers do A/V scanning

*Cohesity supports integration with Antivirus solutions that adhere to an RFC 3507-based implementation of ICAP

Cohesity Marketplace Apps
ClamAV – Overview (With Antivirus App Integration)

[Figure: User requests File Access from Cohesity Helios; File Access Granted/Denied is returned]
• An antivirus scan request is issued
• Antivirus scanning runs in place

Simple | Economical | Efficient

Cohesity Marketplace Apps
ClamAV – Configuration Options

Cohesity Marketplace Apps
ClamAV – Scan Results

Demo
1 Install ClamAV
2 Launch ClamAV
3 ClamAV UI


Cohesity Marketplace Apps
Spotlight

Cohesity Marketplace Apps
Spotlight – Overview

The Cohesity Spotlight app enables you to analyze file audit logs and user
activities using various parameters.

[Figure labels: User Activity, Cohesity View, Spotlight App, Spotlight App dashboard]

Cohesity Marketplace Apps
Spotlight – Overview

• Detect: Detect and get alerted on file-access, read, write, delete patterns
• Search: Search file audit logs and take proactive actions
• Visualize: Get better data visibility by creating custom dashboards

Cohesity Marketplace Apps
Spotlight – App requirements

System > Audit Logs

Cohesity Marketplace Apps
Spotlight – Configuration Options

Spotlight has a customizable dashboard

Demo
1 Enable File Audit Logs
2 Install Spotlight
3 Launch Spotlight
4 Spotlight UI


Cohesity Marketplace Apps
Insight

Cohesity Marketplace Apps
Insight – Overview

The Cohesity Insight app enables you to search for text strings within files that
are stored within Cohesity Views.

[Figure labels: Cohesity View, Insight App, Insight App Search Results]

Cohesity Marketplace Apps
Insight – Overview

• Search: Instant search, discovery, and remediation of out of compliance files and data – such as PII
• Autoindexing: Index once, search instantly
• Control: Fine-grained policy control on search and indexing

Cohesity Marketplace Apps
Insight – Configuration Options

Cohesity Marketplace Apps
Insight – Considerations

• The following file types are supported: txt, pdf, doc, docx, xls, xlsx, ppt,
pptx, html, and zip

• The search is NOT case sensitive

• You can use an asterisk * as a wildcard

• The Insight app continuously indexes files to give you up-to-date search
results. Initial searches may take additional time to propagate

Demo
1 Install Insight
2 Launch Spotlight
3 Insight UI


Discussion

Question
What is true about installing Apps on a Cohesity cluster?

A. The cluster must be registered with Helios SaaS Management
B. Apps packages can be uploaded directly to individual cluster
C. Apps management is enabled by default
D. Installing apps requires AD

Discussion

Question
Cohesity Spotlight App can be used to search for files that contain a specific keyword.

A. True
B. False

Discussion

Question
All Marketplace apps require a license.

A. True
B. False


Check out our Supporting and Troubleshooting Class for a deeper dive into the platform troubleshooting!

Operations, Monitoring, and Troubleshooting
Module 11

Advanced Configuration

Networking


Networking
Overview

[Figure: three nodes (Node 1, Node 2, Node 3), each showing ports 0 to 3, bond0 and bond1, and br0 and br1. Interface Group 1 (Intf_group1) and Interface Group 2 (Intf_group2) are each labeled with IP configuration, VLAN, firewall rules.]

*Same concept applies to Cohesity clusters that are installed on hypervisors and on public cloud
**bridge interfaces do not show in the Cohesity UI

Networking
Cluster VIPs

Each VIP can have a FQDN

Demo
1 Configure VIPs
2 Verify VIPs


Networking
Internal Load Balancer (Inbound DNS)

• Traditionally, when nodes are added or removed, DNS must be updated with
new VIPs
• Load-balancing is based on DNS round-robin

Or

• Admins manage load balancing by manually allocating VIP(s)

• The Cohesity Internal Load Balancer solves the scalability challenges by delegating VIP assignment to the Cohesity cluster’s DNS service

Networking
Internal Load Balancer (Inbound DNS)

View/Share FQDN: shares.cohesity-a.cohesitylabs.az

Corporate DNS server: Zone delegation of shares.cohesity-a.cohesitylabs.az to 10.1.1.8 (Cohesity DNS VIP) is configured

1 Client’s DNS Query: shares.cohesity-a.cohesitylabs.az?
2 Client’s DNS Query is forwarded to Cohesity (Distributed DNS Service): shares.cohesity-a.cohesitylabs.az?
3 A VIP is selected
4 DNS Response: 10.1.1.2
5 DNS Response: 10.1.1.2

Node IP addresses: 10.3.3.1, 10.3.3.2, 10.3.3.3, 10.3.3.4, 10.3.3.5
Node VIPs: 10.1.1.1, 10.1.1.2, 10.1.1.3, 10.1.1.4, 10.1.1.5
DNS VIPs: 10.2.2.8, 10.1.1.8

See the SmartFiles Internal Load-Balancer reference guide


Reporting

Reporting
Overview

• Compliance & Audit
• Capacity Planning
• Daily Operations

Reporting
Overview

Helios SaaS UI Global Data Management
• Multi-cluster level reporting
• Individual cluster level reporting
• User defined scope control with filtering capabilities
• On Demand and Scheduled report generation
• Reports available in different formats (CSV, Excel, PDF)

Individual cluster UI
• Individual cluster level reporting
• User defined scope control with filtering capabilities
• On Demand and Scheduled report generation
• Reports available in different formats (CSV, HTML)
• Custom Reporting is also an option

Reporting
Helios SaaS Reporting

Refer to Helios SaaS Reports section in the Cohesity documentation

Demo
1 Protected / Unprotected Object report
2 Storage Consumption by Views

Reporting
Individual Cluster Reporting

Storage/Capacity
• Cluster Wide Storage
• Data Transferred to External Targets
• Storage Consumed by File Categories
• Storage Consumed by Storage Domains
• User Quotas
• Directory Quotas

Objects
• Protected Objects Heat Map
• Protection Details Per Object
• Protection Summary by Object Type

Protection Group
• Backup Summary
• Protection Groups Inventory and Schedule
• Protection Runs Summary
• Top Protection Groups

Refer to Cluster Reports section in the Cohesity documentation

Demo
1 Cluster Wide Storage report
2 Protected Objects Heatmap report
3 Backup Summary report

Helios Reports

Reporting
Individual Cluster Reporting - Custom Reporting

Single-Cluster Custom Reporting

[Figure: Third-Party Tools connect Read-Only (27999) to Cohesity Helios]

• Use third-party tools like Tableau to get read-only access to a single cluster’s
PostgreSQL reporting database.
• Long Term retention and customization
• Custom Reporting Guide / Documentation


Troubleshooting & Operations Tools

Troubleshooting & Operations Tools
Overview

• Cohesity References and Documentation
• Cohesity Graphical User Interface
• Cohesity CLI
• Cohesity Log Files

Troubleshooting & Operations Tools
Documentation & References

https://my.cohesity.com

MyCohesity FAQ & Knowledge Articles

Troubleshooting & Operation Tools
Documentation & References

https://my.cohesity.com >> Select “Product Documentation”

Troubleshooting & Operation Tools
Documentation & References

https://my.cohesity.com >> Select “Support”

Cohesity Global Support and Services Handbook


Troubleshooting & Operations Tools
User Interface

• Switch to Cluster Manager if you are in the Global View

• Helios SaaS “All Clusters” view
  • A multi-cloud single global pane of glass interface to manage, protect
  data, run services, on-premises or SaaS

• Helios SaaS “Cluster” view or individual cluster UI
  • A UI interface that allows configuring cluster-level settings,
  troubleshooting, and reporting

Troubleshooting & Operation Tools
User Interface

• Dashboards and Alerts – Alerts, overview of the system health
• System pages – Health, performance, capacity
• CLI – Apply advanced configuration and perform advanced diagnostics
• Pulse logs – Details on backup, recovery, and cloning operations


Troubleshooting & Operation Tools
Helios SaaS “All Clusters”

The summary dashboard shows all the errors and warnings that have been identified
across all clusters. Available for All Clusters and at cluster level.

Troubleshooting & Operation Tools
Alerts & Health

• Select a specific category or type of alert(s) to show.
• Click on any of the alerts to get more details about the alert.
• Each alert has a unique alert code that can be used to get further details

Troubleshooting & Operation Tools
Alerts & Health
All Clusters view

Severity levels: Critical, Warning, Info

Alternatively, you can navigate to the health page to view all alerts across all the clusters

Troubleshooting & Operation Tools
Alerts & Health

Details
• Alerts Reference
• Cluster generated with severity: critical, warning or informational
• Aggregated by Alert Code and affected object.
• Found within the UI (Helios & Local) and the mobile app. Referenced in dashboard and system data.

Configure
• Set up rules to send to: Email, SNMP, Syslog, Webhook
• Alerts generate cases when a local Cluster is joined to Helios.
• Can be resolved via the UI for auditing and resolution tracking.
• Can be silenced within Helios (Site Continuity)

Helios: Cluster Manager (All Clusters) > System > Health > Notification
Local UI: System > Health > Settings.

Troubleshooting & Operation Tools
Other Dashboards
All Clusters view

You can use other available dashboards to view more details about Data Protection,
File Services, Cloud, and Security.

Demo
1 Review Alert locations and Dashboards within Helios and the Local UI.
2 Search for an Alert Code within the Knowledge Base
3 Resolve an Alert


Troubleshooting & Operation Tools
System Pages
Cohesity provides statistics in charts and graphs that include the following:

• Storage Statistics
  • In the single cluster Helios UI view, select System > Storage in the Cohesity navigation bar

• Performance Statistics
  • In the single cluster Helios UI view, select System > Performance in the Cohesity navigation bar

• Advanced diagnostics (allow you to customize the plotted statistics)
  • In the single cluster Helios UI view, select System > Advanced Diagnostics in the Cohesity navigation bar

Demo
1 Storage page
2 Performance

Troubleshooting & Operation Tools
Pulse Logs

• Cohesity nodes are all installed with identical cluster services that are
dedicated to specific tasks. The major SmartFiles Service is called Bridge.

• The UI reports the progress of its tasks like backup, recovery, and cloning in the
Pulse Logs.


Troubleshooting & Operations Tools
CLI

Cohesity Troubleshooting Tools
CLI

• CLI access can be used for advanced configuration (like applying Gflags), and
advanced troubleshooting tasks

• Access CLI using CLI terminals or SSH clients

• See Run the Cohesity CLI Remotely in the Cohesity documentation for
more steps on how to access the Cohesity CLI

Cohesity Troubleshooting Tools
CLI - Logs

• Use the CLI to capture timecapsules (cluster logs)

• The timecapsule command is the command used to capture a log bundle of Cohesity services across a single or multiple
nodes in a Cohesity cluster for a specified time range

• See Run the Cohesity CLI Remotely for more details on collecting timecapsules

Demo
1 Show the Support User
2 Access cluster CLI


Troubleshooting Common Issues

Troubleshooting Common Issues
Overview

• Mounting View Issues
• Accessing View Issues
• View Permissions Issues

Troubleshooting Common Issues
Accessing a View Fails
Could not access or mount a Cohesity share on a client

Resolution: Ensure that the subnet of the host is included as a part of the Allowlist

Troubleshooting Common Issues
Accessing a View Fails
Dashboard or SMB View authentication with AD credentials fails with an IP address and succeeds
with the DNS name. Specifying an IP address prompts the user for AD credentials

Resolution: Enable NTLMv2 on AD side.

Troubleshooting Common Issues
Accessing a View Fails

SMB View authentication with AD credentials fails when trying to access a View via a
FQDN of a new VIP.

Resolution: The FQDN must be added to the DNS infrastructure

Troubleshooting Common Issues
Accessing a View Fails
SMB View authentication with AD credentials fails when trying to access a View via a
FQDN of a new VIP.

Resolution: Add multiple computer accounts for each new VIP, or add Service Principal Names (SPNs) for each new VIP to the cluster’s computer account

Troubleshooting Common Issues
Accessing a View File and Folders
An SMB share user cannot browse all files and folders

When a user browses an SMB share, only the files and folders that a user has
privileges to access are displayed if Access Based Enumeration is enabled.
Resolution: Verify if the user has privileges to access the files and folders.

Troubleshooting Common Issues
File and Folder Permissions

NTFS permissions changes are not inherited to subfolders or files in a View

Resolution: This behaviour is expected. NTFS permission changes apply only to new files and folders created at the root level.

Troubleshooting Common Issues
Mounting a View Fails
Could not access or mount a Cohesity share on a Linux client as
an NFS share
Attempting to access an NFS share fails with the error:

“Error: nfs: server {server name} not responding, still trying”

Resolution: Increase the NFS timeout window to get the issue resolved.

Troubleshooting Common Issues
Checklist

✓ Is client IP address added to the Allowlist?
✓ Is Access-Based Enumeration (ABE) enabled for SMB?
✓ Is Browsable Shares enabled for SMB?
✓ Is Discoverable Shares enabled for NFS?
✓ Are the AD credentials correct?
✓ Does the user have sufficient privileges?
✓ Are the AD privileges configured correctly?
✓ Is the domain reachable?
✓ Are there any LDAP servers that are unreachable?
✓ Is the correct Share path being used?


Discussion

Question
What is the user that needs to be used to open SSH to a Cohesity cluster node?

A. Admin
B. Cohesity_console
C. Cohesity
D. Support

Discussion

Question
What is the major cluster internal service that is responsible for managing SmartFiles IO operations like writing data on local storage?

A. Gandalf
B. Apollo
C. Bridge
D. Magneto

Discussion

Question
In a multi-node Cohesity cluster, how can you ensure that a node failure becomes transparent to users who access Cohesity Views?

A. Make sure that users access Views via VIPs
B. Make sure that users access Views via node IP addresses
C. Make sure that users access Views via IPMI IP address
D. Make sure that users access Views via OSPF routing


References

Documentation and KB articles

• SmartFiles Documentation

• Cohesity Beyond NAS SmartFiles

• Cohesity Internal Load-Balancer

• Cohesity SmartFiles Integration with Active Directory - Best Practices

• Cohesity Platform Auditing

• Cohesity Identity & Access Management for File-Services

• Recommended settings when using Cohesity SmartFiles*

• Unable to mount or access a SMB View with credential prompt on every attempt

• Cohesity Partner Program

• Professional Services Authorization Partner (can only be accessed by authorized partners)

*ONLY apply gflags after consulting with Cohesity support


Thank You



Cohesity, the Cohesity logo, SnapTree, SpanFS, DataPlatform, DataProtect, Helios, and other Cohesity marks are trademarks or registered trademarks of Cohesity, Inc.
in the US and/or internationally. Other company and product names may be trademarks of the respective companies with which they are associated. This material (a) is
intended to provide you information about Cohesity and our business and products; (b) was believed to be true and accurate at the time it was written, but is subject to
change without notice; and (c) is provided on an “AS IS” basis. Cohesity disclaims all express or implied conditions, representations, warranties of any kind.
cohesity.com
