Storage Integration
FlashBlade/FlashArray Integration
This section describes how to integrate Data Security Essentials with your FlashBlade/FlashArray storage system.
FlashBlade sends syslog messages over UDP or TCP, while FlashArray sends audit events exclusively using TCP.
Enabling Data Stream
- CLI Method
- Pure Console Method
-
Log into Console
SSH into the FlashBlade/FlashArray console
-
Create Syslog Entry
For FlashBlade, create a syslog server entry using UDP:
purelog create –uri udp://<ip-address-of-superna-dses-server> –services data-audit superna-dses-syslog-server
For FlashArray, create a syslog server entry using TCP:
purelog syslog create --uri tcp://<ip-address-of-superna-dses-server> --services data-audit superna-dses-syslog-server
-
Create Audit Policy
For FlashBlade, create the audit policy:
purepolicy audit file create superna-dses-syslog-audit –log-targets superna-dses-syslog-server
For FlashArray, create the audit policy with a different syntax:
purepolicy audit file create --targets superna-dses-syslog-server superna-dses-syslog-audit
-
Assign Policy
For FlashBlade, assign the policy at the file system level:
purepolicy audit file add superna-dses-syslog-audit –fs <file-system-name>
For FlashArray, assign the policy at the directory level:
purepolicy audit file add --dir <directory-name> superna-dses-syslog-audit
-
Verify Configuration
Navigate to Settings -> Monitoring to verify the syslog entry
-
Navigate to Monitoring
Go to Settings -> Monitoring and create a new syslog
-
Enter Server Address
Enter the IP address of the Windows Server where Data Security Essentials is installed
-
Configure Audit Policy
For FlashBlade:
Go to Policies -> Audit and create the audit policyFor FlashArray:
Go to Storage -> Policies -> Audit Policies and create the audit policy -
Assign Policy
For FlashBlade Click on the policy and assign file systems to it
For FlashArray
Click on the policy and assign directories to it
Configuring Windows Auditing Permissions
-
Access Properties
Right-click on the file system in Windows Explorer and select Properties
-
Open Security Settings
Navigate to the Security tab and click Advanced
-
Access Auditing Tab
Go to the Auditing tab and add or edit an entry
-
Configure Permissions
Choose Domain Users as the Principal, set Type to All, and permissions to Full Control
Adding the Storage Device
-
Configure Pure Console
-
Create User
Navigate to Settings > Users and create a new user named superna -
Copy API Token
Copy the generated API Token that you'll need for Data Security Essentials
-
-
Add New Device in Data Security Essentials
Go to the Inventory list and click + Device -
Configure Device
Fill in the device details in the form- Device Name: A descriptive name for your storage device
- Device Type: Select FlashBlade or FlashArray
- Description: Information about your device
- Managed by: Select the appliance that will manage this device
- API URL: Enter the management interface URL or IP address
- API Token: Paste the token copied from Pure Console