Ease your servers' burden

A Network Attached Storage (NAS) device is a server dedicated to file storage that lets you add hard disk space to your network. Large enterprises find NAS devices crucial because most models can hold terabytes of data and provide mission-critical reliability. Compared with a more traditional server-based approach, NAS appliances typically promise easy setup and administration.

In this Lab feature, I review five NAS devices—Compaq's TaskSmart N2400, LSI Logic Storage Systems' MetaStor N4300, Network Appliance's NetApp F840, Procom Technology's NetFORCE 1500, and Raid-tec's RAIDserver V—that range from small, relatively inexpensive units to high-end, full-featured, and highly scalable units. All five units support both the Common Internet File System (CIFS) and NFS file-sharing protocols, for Windows users and UNIX users, respectively.

In considering systems for this review, I limited the field to NAS systems that offered a minimum of 400MB of disk storage. Although IBM and Hewlett-Packard (HP) offer NAS solutions, both vendors declined to participate in this testing. IBM is developing a new product line and couldn't provide production versions of the new systems. HP offered no explanation for its choice not to participate.

Feature Overview
The TaskSmart N2400 meets midrange to high-end NAS requirements and is the only tested system based on Windows 2000—Win2K Advanced Server, to be exact. Compaq licenses Win2K from Microsoft, so you don't need a Client Access License (CAL) to use the TaskSmart N2400. (Windows Services for UNIX—SFU—2.0 makes TaskSmart N2400-based data available to NFS users.) The TaskSmart N2400 consists of a 3U (5.25") rack-mount server—dual 733MHz Pentium III processors with a 133MHz front-side bus and 256MB of Level 2 cache—with 1GB of Error-Correcting Code (ECC) SDRAM. The server also includes an embedded Smart Array controller with two 18.2GB disk drives configured as a RAID 1 array (i.e., mirror set) for the OS. A four-channel Compaq Smart Array 4200 Ultra 2 RAID controller and as many as four storage cabinets support 2TB of storage. Each storage enclosure holds as many as fourteen 18.2GB or 36.4GB disk drives. Other standard features include an embedded Ethernet interface and a Compaq Remote Insight Lights Out Edition Board (RIB). The TaskSmart N-Series Console program, a Microsoft Management Console (MMC) based application, centralizes access to the system's administrative tools. The SnapShot Manager allocates and manages storage volumes and point-in-time views of data called snapshots. I reviewed a 1TB system that contained four storage enclosures—for a total of fifty-six 18.2GB Ultra 3 SCSI 10,000rpm disk drives—and a four-port 10/100 Ethernet interface.

The MetaStor N4300 is a high-end Sun Microsystems Solaris 7.0 based NAS solution that boasts the processing power of two or four 400MHz UltraSPARCII CPU modules. The system I tested had four CPU modules and nineteen 18GB Ultra 2 SCSI disk drives in three drive trays. Redundant SCSI channels service each drive tray, and redundant RAID controllers that share the six SCSI channels provide high availability. You can configure the system with as many as four storage controllers and eighty 18GB, 36GB, or 73GB disk drives for a maximum storage capacity of 5.85TB. TotalNET Advanced Server (TAS) technology lets the MetaStor series participate in mixed-mode (i.e., combined Win2K and Windows NT) domains and exposes MetaStor storage to Windows users.

The NetApp F840 enterprise filer is a high-end, highly scalable file server for Windows, UNIX, and Web clients. The appliance offers a maximum storage capacity of 6TB and a standard 3GB of ECC RAM. Network Appliance's proprietary Data ONTAP OS, a UNIX-based microkernel, provides excellent CIFS performance. On the version I tested, I was able to join an NT domain but not a Win2K domain. Network Appliance claims that Data ONTAP 6.1 (which should be available by the time you read this article) will provide full Win2K support. I tested a minimally configured system that contained seven 36GB 10,000rpm disk drives that were fibre channel connected at 100MBps. I tested the appliance once with four 10/100 Ethernet NICs, and again with one Intel Gigabit Ethernet NIC, which Network Appliance says is the most common network configuration that the company ships. Data ONTAP implements software-based RAID 4 for data-storage fault tolerance.

The NetFORCE 1500 is a single-cabinet midrange NAS solution that supports as many as ten 18GB, 36GB, or 73GB disk drives for a maximum capacity of 730GB. The system I tested contained a 700MHz Pentium III processor, 512MB of server RAM, and ten 36GB 10,000rpm disk drives. The system can join mixed-mode domains and includes an easy-to-use Web-based administration utility.

The RAIDserver V is a midrange solution that supports as many as 24 Ultra 2 Low Voltage Differential (LVD) disk drives in two 4U (7") rack-mount cabinets with a dual-channel Ultra 2 SCSI RAID controller. The system contains a 32-bit 266MHz PowerPC 750 CPU and a 64-bit bus interface. You can configure the RAIDserver V with as much as 512MB of system RAM. The system software is a Raidtec-enhanced version of the Linux 2.2 kernel. I tested a tower-cabinet model that contained twelve 18GB disk drives and 320MB of system RAM. The system can join mixed-mode domains.

Because these devices are storage appliances, you might expect a Plug and Play (PnP) installation and setup experience. However, each solution requires that you perform an installation and configuration procedure to establish a network connection, define storage volumes, and make the storage accessible to Windows or NFS clients. Some of these products include a setup process that's easy to understand and to successfully complete. Others give you a complex interface and nonintuitive or ill-documented steps to successful implementation.

TaskSmart N2400. Win2K AS was preinstalled on the first of three logical volumes on the RAID 1 mirror set connected to the server's integrated RAID controller. Although you can operate the TaskSmart N2400 through the RIB's Web interface, I attached the system to the Lab's Raritan keyboard/video/mouse (KVM) network and used the Win2K console interface to complete the initial configuration.

After easily cabling the TaskSmart N2400's components together and connecting the appliance to the network, I powered it up. Manually configuring the server, getting it on the network, and verifying proper operation were simple. Although manual configuration is a perfectly valid method of setting up the TaskSmart N2400, Compaq recommends that you use the TaskSmart Appliance Server Utility CD-ROM, part of the Reference Information kit that comes with the system. The CD-ROM includes a wizard that helps you collect basic server-configuration information and writes this information to a Configuration Data Diskette. When a factory-fresh system boots for the first time, it uses the information on the Configuration Data Diskette to automatically configure the TaskSmart N2400.

To review the typical end-user experience, I used the TaskSmart QuickRestore CD-ROM to restore the TaskSmart N2400 to its factory-fresh state. I ran the TaskSmart Appliance Server Utility on my Win2K Professional desktop and filled in the wizard's forms—supplying names for the server and the RIB—and the network adapter configuration information. Using this method to get the system up and running was quick and easy.

TaskSmart N2400
Contact: Compaq * 800-888-9909
Web: http://www.compaq.com
Price: $85,173 as tested

MetaStor N4300. The system arrived in a large cabinet that offered lots of room for additional drive trays. Installation assistance is a standard part of the purchase agreement, and I took advantage of this feature by letting one of the vendor's systems engineers assist me through the initial power-up phase. However, the easy-to-follow hard-copy Quick Start Guide documents this process, so you might not need assistance.

The first step is to edit the site.con text file on the accompanying System Profile 3.5" disk, replacing its sample information with the host name and IP addresses that you want to use. You must assign static IP addresses; the unit doesn't support DHCP or BOOTP. Although you'll generally want to assign a fixed IP address to servers, DHCP or BOOTP support would have been convenient during initial installation—particularly because the primary configuration tool is Web based. The System Profile disk eliminates the need for automatic IP address assignment, and you can always add an address reservation to DHCP if that helps you document IP address utilization. Upon initial power-on, the system uses the System Profile disk's information to configure the Ethernet interfaces and enable the Web-browser interface. You can then use the Web-browser interface to finalize the configuration. (If you encounter problems, you can also operate the system through a serial console connection.) LSI Logic Storage Systems has based the system on Solaris, which will be familiar to UNIX systems administrators. Using JetWorks Plus, the MetaStor's Web-based administration utility, I set the correct time zone and time server information, changed the root user password, and supplied DNS server information.

The system contained 18 disks evenly split between three RAID 5 arrays, each fully allocated to one LUN. One disk was a global hot spare and would automatically replace a failing disk in any of the three arrays. Using 15GB on each of the three LUNs, I created a 45GB file system with the imaginative name 45Gstripe. To create 45Gstripe, I assigned the new file system an Owner User ID and a Primary Group. Using the Quick Start Guide, I created a new user—ADMIN—as a member of the preexisting SYSADMIN group. Next, I created the file system, assigning ADMIN as its owner and SYSADMIN as its primary group.

The MetaStor N4300 system uses TAS 6.0—and its CIFS, Novell NetWare, and AppleTalk compatibility modes—to expose the inherently UNIX-oriented file system. The Quick Start Guide steps you through the process of configuring TAS so that the file system is accessible to Windows, NetWare, and AppleTalk users. TAS licensing requires a user license for each concurrent file-system connection; a user connecting simultaneously in CIFS, NetWare, and AppleTalk compatibility modes will use three licenses, although the need to access storage in more than one mode from the same computer is rare.

The first time you use TAS to expose an NFS file system in CIFS, NetWare, or AppleTalk mode, you must use the TAS Configuration and Administration Initial Setup Wizard. The wizard first checks for a valid TAS activation key, or license key, which LSI Logic Storage Systems had preinstalled on the system I reviewed. The next screen lets you name an administrative user ID and a group. (The defaults are user totalnet and group totalnet.) Check boxes let you configure TAS to start either automatically on system boot or upon initial configuration, both of which I left selected. Check boxes on the third screen let you enable the CIFS, NetWare, and AppleTalk compatibility modes. I selected CIFS and cleared the other two. You use the next screen to configure aspects of CIFS support. I entered the NetBIOS server name that I'd chosen and the name of the domain this server would join, then selected NetBIOS over TCP/IP as the only protocol. I chose not to enable NetBIOS over NetBEUI, a configuration suitable only for small, single-segment networks. Had I used WINS on the test network, I could also have specified one or more WINS servers for this system to use for name resolution. Clicking Finish on this screen completed the TAS setup. I clicked Status at a Glance on the TAS menu and saw that both the CIFS realm and the LSI4300 server service were running.

Creating file shares—either TAS or NFS—is the final step that the Quick Start Guide describes. In the Storage Administration Shares window, I created shares to permit access to the 45Gstripe file system. First, I created a TAS share named 45gb_a at the root of the file system; Windows users would use this share to access the file system in CIFS compatibility mode. Next, I created and shared a directory named nfs_users under the root of the file system. Because the MetaStor N4300 runs under UNIX, access permissions follow the UNIX model. Three types of access permissions—read, write, and execute—exist at each of three levels (i.e., the owner user ID, the members of the primary group, and all other users). For both shares, I enabled full read-write-execute status for the owner, a user ID named ADMIN, the primary group (SYSADMIN), and others.

According to the Quick Start Guide, I had completed the configuration, and I should have been ready to use the shares. However, when I tried to access the storage from a Win2K Pro system, I could see the LSI4300 server but was unable to see or access the shares. A call to LSI Logic Storage Systems' technical support solved the problem.

When you access a CIFS compatibility share from Windows, Windows attempts to use the currently logged-on user's credentials to authenticate access to the share. Win2K Pro (and NT 4.0) transmits these credentials in an encrypted format. TAS support for encrypted credentials isn't a default setting, so I needed to configure it. Several paths to this configuration option exist, but the quickest path is TAS's Status at a Glance window. I clicked the LSI4300 service, selected Authentication Options, and selected the Use Secure Passwords check box. After restarting the system to ensure that the new settings were in effect, I again attempted to access the shares. This time, the system prompted me for a user ID and password, and I entered a local user account that I had created. Again, the access attempt was unsuccessful.

Technical support provided another answer. I needed to create a TAS user, in addition to the local user that the Quick Start Guide directed me to create. From the Operating System Security menu, I selected TAS Users. In the TAS Users window, I created a user of the same name as the local user I had created earlier. Technical support told me that the password for the TAS user didn't need to be the same as the local user's password, and a little experimentation verified that statement. I could now use the share that I created from my Win2K Pro computer.

MetaStor N4300 administrators must create a TAS account—which must have the same name as a valid UNIX account—for every Windows account that needs to authenticate access to a CIFS share. The password that you create for this TAS user, not the UNIX account password, authenticates access to the CIFS share. If you have many Windows users that need the same access rights to data, using the unit's Remote Authentication option with the User Name Mapping facility might lighten your administrative burden.

MetaStor N4300
Contact: LSI Logic Storage Systems * 888-638-2786
Web: http://www.lsilogicstorage.com
Price: $188,156 for the entry configuration; $249,592 as tested

NetApp F840. For system configuration, the NetApp F840 offers a Web-based setup wizard and a serial console command-line setup procedure. For each procedure, I could follow a separate First Time Configuration guide. I chose to use the setup wizard.

The NetApp F840 can use DHCP to obtain an IP address, so I first created an address reservation on the DHCP server. To do so, I used the interface's media access control (MAC) address, which I obtained from a label on the back of the package. The system took the IP address properly but didn't apply the default gateway address that the Win2K AS-based DHCP server defined as a scope option. Therefore, I needed to complete the initial configuration from a computer that resided on the same network subnet as the NetApp F840, then manually configure the default gateway address so that users on other IP subnets could access the system.

After I completed the configuration guide's worksheets, I used Microsoft Internet Explorer (IE) to connect to the system and choose my configuration options. One option (that I didn't configure) lets you specify an Administrative Host—the name or IP address of a computer that will have access to the root file system. If you don't configure this option, all users—both NFS and CIFS—will have access to the root file system. The system I tested was licensed for NFS, CIFS, and HTTP access, which are separately priced licensing options.

The first time I used the wizard, the NetApp F840 failed to join the NT 4.0 domain. In the log, I discovered that I should have first created a computer account in the domain. After I did so, the setup wizard finished successfully and I was able to access the default share from an NT Workstation client on the same network segment. At the time of this writing, the NetApp F840 couldn't connect to a Win2K domain.

To configure NT domain users and groups for specific kinds of access to the share, you use the Share and Access Editor in the Web-based administrative utility NetApp FilerView. While testing various access combinations, I found that accounts with Domain Administrator authority had full access regardless of other permissions settings, that a group-level No Access permission denied access granted to a particular member of that group, and that restricted access for a user ID or group worked as expected. In short, access permissions that you implement in the NetApp F840 are consistent with typical NT permissions.

Expanding the volume from the default of two disks to include the other five disks was simple. On the Volume/Disk status screen, I verified that the name of the volume was VOL0; then, on the Volume Configuration screen, I added five disks to the volume. On the NT Workstation computer I was using, Windows Explorer immediately recognized the change.

NetApp F840
Contact: Network Appliance * 800-443-4537
Web: http://www.netapp.com
Price: $145,000, estimated price as tested

NetFORCE 1500. To get the NetFORCE 1500 up and running, I followed the clearly outlined steps in the unit's QuickStart guide. Although my network contained a DHCP server, I chose to manually configure the NetFORCE 1500 from the front-panel LCD. I navigated the menu items and configured an IP address and default gateway. To complete the system configuration, I restarted the system (again from the front-panel LCD menu), then used IE 5.0 from another computer to connect to the unit. The Getting Started guide instructed me to navigate to the setup wizard. I configured the local time zone, the network DNS servers, and an SMTP server and email address that the NetFORCE 1500 would use for event notification. My test network included a Win2K Active Directory (AD) domain in mixed mode with no WINS servers, so I chose to leave the WINS option unconfigured. After the wizard finished, the NetFORCE 1500 rebooted and I began configuring the storage subsystem.

NetFORCE 1500
Contact: Procom Technology * 949-852-1000 or 800-800-8600
Web: http://www.procom.com
Price: $32,574 as tested

RAIDserver V. The RAIDserver V is the most attractive NAS device I tested, with red teardrop-shaped release levers for each of the 12 hot-swappable disk-drive trays. The two test units came in tower cases, but rack-mount models are also available. The systems arrived without printed documentation but included a documentation CD-ROM. Unfortunately, the Getting Started guide doesn't describe the physical setup. Although inserting disks into the cabinet requires no instructions, using the three external SCSI connectors isn't so simple. After I acquired additional documentation from Raidtec's technical support, I learned that two of the connectors were for the internal RAID controller and the third connector connected the integrated storage subsystem's disk drives. I needed to attach the vendor-supplied SCSI LVD cable between one of the RAID controller ports and the storage subsystem port. With the help of the Getting Started guide, I looked for the primary Ethernet interface's MAC address, which should have been on a label on the bottom of the system. It wasn't. I was unable to set up a DHCP reservation with a predetermined IP address. Therefore, I simply let DHCP assign an address when the unit powered up, then used Win2K Server's DHCP Administration utility to see what IP address DHCP assigned to the NAS system.

The RAIDserver V's Web-browser interface, which you use for setup and management, offers a nicely organized home page that simplifies your navigation to any administrative window, as Figure 1 shows. Using IE 5.0, I connected to the RAIDserver V, expecting to enter the setup wizard. The first time I connected to the system—before I installed the SCSI LVD cable—the Web interface reported that no disk drives were present. After I called Raidtec's technical support and installed the cable, the system's recovery mode—rather than the setup wizard—greeted me. Apparently, Raidtec had preconfigured my two test systems at the factory, but I could find no indication on the disk drives about which system each drive belonged to. Therefore, I didn't reinstall the disk drives in the proper systems. As luck would have it, I almost got it right—only one drive was in the wrong system, so the system I was initializing used its hot spare and rebuilt the predefined array.

To evaluate the typical user-installation experience, I obtained from Raidtec a procedure to reinitialize the system to factory-default state, then restarted the installation process. This time, the RAIDserver V obtained the correct DHCP-assigned address according to the reservation I had defined. However, the unit failed to use the default gateway. (The default gateway, a standard IP protocol configuration parameter that gives an IP host the address of a router on the local subnet, lets users on other IP subnets connect to the system.) This failure forced me to continue the setup from a system on the same network subnet as the RAIDserver V. Using the Getting Started guide, I brought the system up and joined it to a Win2K AD domain operating in mixed mode. The System Summary screen displayed a useful collection of information, including internal temperature, RAIDserver firmware levels, system configuration, and volume usage.

RAIDserver V
Contact: Raidtec * 770-664-6066
Web: http://www.raidtec.com
Price: $6655 base price; $14,195 as tested

Windows Domain Participation
When a NAS device is a member of a Win2K or NT domain, a NAS administrator can use a user's domain user ID to configure file access security. In a Win2K or NT server environment, a NAS system can have one of three levels of support for domain membership:

  • A NAS system can join an NT domain but have no Win2K support.
  • A NAS system can join a Win2K mixed-mode domain by emulating an NT 4.0 server.
  • A NAS system can join a Win2K AD native-mode domain by emulating a Win2K server.

Of the NAS systems I tested, only the Win2K-based TaskSmart N2400 offers native-mode support. Three of the other four devices support Win2K mixed-mode domains. The NetApp F840 is restricted to NT 4.0 domain membership.

TaskSmart N2400. The TaskSmart N2400 is a Win2K AS­based system. Therefore, this unit had no problem joining either an AD domain or an NT 4.0 domain.

MetaStor N4300. The MetaStor N4300 uses TAS to make its UNIX file system accessible to Windows users. During TAS setup, I supplied the name of the Win2K mixed-mode domain I wanted to join, and TAS did the rest. Figure 2 shows the window in which I configured the Win2K domain. Like the other systems, TAS supports Win2K domains in mixed mode but not yet in native AD mode.

NetApp F840. The NetApp F840 isn't yet Win2K-ready but can join NT 4.0 domains. Network Appliance plans to offer Win2K support in Data ONTAP 6.1 by spring 2001. After I finished the unit's installation, I discovered that I couldn't use the FilerView interface to manipulate the system's domain membership. Instead, I used HyperTerminal—through a serial connection to the unit's console port—to configure domain membership. CIFS Setup guided me through the steps necessary to join the NT 4.0 domain. The process required that I use Server Manager on the domain controller (DC) to create a machine account for the unit. After the machine account was in place, the process finished cleanly.

NetFORCE 1500. At the time I was writing this feature, Procom Technology was adding Win2K mixed-mode domain support to the NetFORCE 1500. During the review process, the company supplied me with updated firmware that supports this functionality. The NetFORCE 1500's procedure for joining a domain is one of the easiest I tested and will seem familiar to NT systems administrators. In the Windows Networking configuration window, which Figure 3 shows, I entered the domain name and a domain user ID and password. The NetFORCE 1500 created a computer account in the domain and joined the domain.

RAIDserver V. The Getting Started guide leads you through a setup process that uses an accounts database local to the RAIDserver V. However, I wanted to make the RAIDserver V a member of my Win2K domain and use domain accounts to authenticate access to the Windows-accessible shares. To do so, I first created a computer account in the domain in the name of the server, then enabled Microsoft Networking, specifying the NT-compatible domain name and the name of the Win2K PDC-emulator DC in the appropriate setup window fields. The procedure failed on my first attempt but succeeded after I selected the Allow preWindows 2000 computers to use this account option as I recreated the computer's domain account.

The RAIDserver V presented one difficulty. Upon joining the domain, the unit created a NetBIOS-type 1B record for the domain it joined—in effect, the unit claimed to be the domain's Domain Master Browser. Only one server in a domain can be a Domain Master Browser, and the PDC customarily takes this role. The presence of the 1B record caused the name to show a CONFLICT state on the domain's PDC emulator. At press time, this problem was still outstanding.

Accessing Data: CIFS and NFS
In addition to exposing storage as CIFS shares to Windows users, all five systems promised the ability to expose data as NFS exports to UNIX users. Predictably, some of these units are more Windows friendly, and others are more UNIX friendly.

TaskSmart N2400. The TaskSmart N-Series Console, an application that the TaskSmart N2400 displays when you log on to the system, is the unit's administrative hub. Figure 4, page 106, shows this MMC-based console expanded to show CIFS shares. Because the TaskSmart N2400 is based on standard Compaq server technology, this interface will look familiar if you've used Compaq servers.

To create storage volumes, I first opened the MMC TaskSmart NAS Management snap-in. Then, I used the Compaq Array Configuration Utility to create several RAID arrays, each of which I allocated to one logical volume. Using the Snapshot Manager utility, I allocated one logical volume (which I had used the Array Configuration Utility to create) to a storage pool.

Next, I created a virtual disk—which functions similarly to an NT volume—in the pool. To create the virtual disk, I assigned a share name, allocated a portion of the pool space to the virtual disk, assigned a drive letter, and selected an allocation unit size. Snapshot Manager formatted the virtual disk and made it accessible as a volume on the system. To make the virtual disk accessible to network users, I used the familiar Win2K routine of sharing the volume and assigning access permissions.

A strength of the TaskSmart N2400's pool and virtual-disk architecture is the ease with which you can increase the space. To increase a pool's capacity, I added another logical volume that I created within the Array Configuration Utility. To add space to a virtual disk, I ran the Grow Volume Wizard, which Figure 5 shows. For both procedures, the additional disk was available almost immediately, without requiring a system restart.

The TaskSmart N2400 leverages SFU to make storage volumes accessible to NFS users. After I completed the SFU installation, I used Windows Explorer to create an NFS share. First, I selected Sharing from the context menu for the volume or directory that I wanted to share. On the NFS Sharing tab, I created the share and configured security. You can specify read, read/write, or root access levels for clients or client groups—that is, by computers or groups of computers that must access the NFS share. Using the Solaris workstation, I mounted the NFS share and manipulated files on the TaskSmart N2400.

MetaStor N4300. LSI Logic Storage Systems supplies the Web-based JetWorks Plus Administration tool with its MetaStor N-Series products. On my system, this tool gave me access to seven utilities that I could use to administer the MetaStor system's various components (or spheres).

The MetaStor N4300 arrived preconfigured with a global hot spare and three RAID 5 arrays, each composed of six 18GB disks. If I had needed to recreate the arrays, I would have used the JetWorks Plus Administration's Storage Administration sphere.

To configure storage for user access, the first step is to create a file system. A file system is analogous to a logical volume. In the Storage Administration sphere, I selected File System Management, then the option to create a new file system. In the subsequent window, I selected all three of the preconfigured RAID 5 volumes (indicating that the logical volume should be striped across the three RAID 5 volumes), requested 50GB of disk space, and gave the file system a name. The wizard completed with a success message. To view the new TAS share, I moved to the TAS Configuration and Administration sphere and selected Volumes from the TAS Administration menu. JetWorks Plus Administration lets you shrink and expand the size of file systems.

TAS lets Windows clients access the underlying native UNIX file system and expects that you'll create a duplicate of the Win2K or NT domain account as a TAS user account (i.e., with the same user ID and password). This expectation assumes that you've configured TAS to use local account authentication.

TAS also can act as a DC, maintaining an accounts database and letting you join NT workstations to TAS's domain. (I didn't test this capability.) Additionally, TAS supports two types of remote authentication: a TAS gateway (i.e., a server running the TAS NTauthgate daemon) and a proxy service. Neither of these options was available on the system I tested. After I contacted LSI Logic Storage Systems technical support for a way to use an existing Win2K or NT DC for user authentication, a technician described an alternative procedure. Navigating five levels down into the JetWorks Plus Administration utility's TAS sphere, I found an option that allows remote authentication when you specify the name of a Win2K or NT DC. This facility—combined with the User Name Mapping facility, which lets you equate one or more Windows user IDs with one local UNIX account that determines file access security—lets standard Win2K or NT accounts authenticate access to the MetaStor N4300. When I used this facility, I still needed to define each underlying UNIX account as a TAS account, as I described earlier. In short, if you're a Win2K or NT systems administrator who supports many N4300 users, you need to define each Windows user ID to TAS either as a TAS user ID or within the User Name Mapping facility—an extra step that the other systems don't require.

The MetaStor system is UNIX-based, so exposing data as an NFS export is a fundamental feature. I created and managed NFS exports from the Storage Administration sphere's Shares menu. From the Solaris workstation, I could easily manipulate files on these exports.

The unit's administrative architecture is complex and difficult to navigate. For example, I used the Storage Administration tool to create a CIFS share. To modify or delete that share, I needed to move to the TAS Configuration and Administration sphere, navigate to the TAS System submenu's Volumes page, then locate the share in the Volumes list. To let any user access the CIFS share, I needed to move to the Operating System sphere, then use the Security functions to create both a local user and a TAS user of the same name. After you become comfortable with MetaStor's architecture, however, you'll find that it offers powerful and flexible tools that meet the needs of a variety of mixed Win2K, NT, and UNIX computing centers.

NetApp F840. The NetApp F840 had seven 36GB disks configured as a RAID 4 array. Using the Web-based FilerView utility, I allocated physical disks to RAID volumes, then created CIFS shares or NFS exports to make space available to network users. Creating and expanding volumes on the NetApp F840 was simple.

I created an NFS export with the path name \vol\vol0\home for the RAID volume. Similarly, I created a CIFS share named HOME for the RAID volume. The share and export functions make the entire volume available to users. However, the unit lets you create an \etc\quotas file to limit the amount of disk space that a user, group, or qtree uses. To test NFS access, I used the Solaris workstation to mount the NFS export and manipulate files between the NetApp F840's file system and other file systems.

NetFORCE 1500. Of the interfaces of the systems I tested, the NetFORCE 1500's Web-based GUI interface is one of the easiest to use. The RAID Management screen displays the status of installed disk drives. A disk drive that isn't part of a RAID array displays with a check box that lets you designate that drive as part of a new RAID array. Clicking the Create LUN button completes this process.

I chose to allocate 9 disks to one LUN and make the 10th disk a hot spare. From the Create/Delete menu, I created logical volumes of a fixed size, using a portion of the LUN's capacity. Increasing the size of a logical volume is a quick two-step process. First, you create a new logical volume segment from the same screen you used to create the primary volume. Second, you use the Configuration menu's Segments tab to add the segment to the volume you want to expand. The new space is immediately available. The NetFORCE 1500 doesn't provide a means to directly shrink a volume. To make the volume accessible to Windows users, you use the SMB/CIFS menu to create a share for the volume. File-level and directory-level permissions are easy to set with the familiar Windows Explorer Security tab on the Properties page.

Similarly, I used the NFS menu to export the volume for access by UNIX users. I used the Solaris workstation to mount the export. As I expected, I was able to access files on the NetFORCE 1500.

RAIDserver V. The RAIDserver V's Web-based configuration and administration interface is well organized and easy to navigate. From the Volume menu, you can create RAID 0, RAID 1, RAID 5, and RAID 10 arrays by selecting a check box next to each of the unassigned disk drives that you want to use for a new RAID volume and using drop-down boxes to select RAID level, segment size, and hot-spare usage. For my testing, I created a RAID 5 array—or a volume, in Raidtec's terminology. I set 1 disk to hot-spare status and allocated the other 11 disks to the array. To achieve the best performance, I set the volume to Asynchronous write mode. This mode, in which RAIDserver V signals that the write-to-disk operation is complete before the actual write to disk, enables write caching. Because of the potential for data loss (in the event of a failure that precedes the write to disk), Raidtec recommends asynchronous write mode only when a UPS system safeguards the RAIDserver V.

With the help of the Getting Started guide, I moved on to the next step: creating a share. After I completed the necessary steps, I was able to see and use a share that I created from another NT computer on the same network segment. When I added the RAIDserver V to the DNS server, I could map to and use the share from other network segments.

The RAIDserver V also supports NFS access—specifically, NFS 2.0 over UDP. Configuring NFS access requires two steps: creating an export (i.e., designating a directory on a volume as accessible to NFS users) and enabling NFS. Although the guide directed me to first enable NFS, the GUI required that I first create the export. Except for that inconsistency, the creation of the export proceeded as advertised. However, I had difficulty mounting the export. Raidtec's technical support explained the difficulty as an NFS version problem: The Solaris workstation supported NFS 3.0, whereas the RAIDserver V supported NFS 2.0.

You can make a directory accessible to both Windows and NFS users—with some limitations. When you use Windows domain authentication (rather than a local accounts database), files that NFS users create are accessible to Windows users only in read-only mode. This limitation is a result of the underlying user ID that controls access permissions. If you use a local accounts database for Windows authentication, you can create accounts with specific user IDs to match UNIX-based users' IDs. Windows domain authentication doesn't offer this functionality. The GUI doesn't let you specify UNIX-style permissions for the directory shared through an NFS export. If you use Windows domain authentication mode, the RAIDserver V knows what the user ID is after a domain user connects to a share. You can edit a domain account's user ID after the RAIDserver V knows the account.

I discovered a limitation of the RAIDserver V: It supports a maximum file size of 2GB. My test suite included random reads from a 5GB file—a test that I couldn't perform on this NAS device. The reason for the limitation is the underlying Linux 16-bit file system. To eliminate this limitation, Raidtec plans to implement a journaling file system in late 2001.

Backups and Data Snapshots
Data snapshots, which let you almost instantly capture the state of data storage from a specific point in time, are a compelling feature of four of these five NAS units. Snapshots are a relatively low-overhead method to maintain a point-in-time backup of a NAS system's files. When you take a snapshot, the NAS system copies no data. Instead, the NAS system maintains a copy of the original version of the data, often by simply saving the original block of data on disk. When you subsequently modify files, the system writes the new data to a new disk location. Therefore, a snapshot occupies only as much disk space as the original version of the changed data. Data snapshots offer a convenient way to restore files that users inadvertently delete or damage, and they let you back up volumes to tape from a specific time, while file-system activity continues.

TaskSmart N2400. Snapshot Manager, Compaq's tool for capturing a point-in-time state of a virtual disk for backup purposes, is the same tool that you use during system configuration to create storage pools and virtual disks. Snapshots appear as separate volumes that you can make available to Windows users or Help desk staff. Because the TaskSmart N2400 is a Win2K AS­based system, any enterprise backup system that works with Win2K AS will work with the N2400.

MetaStor N4300. The MetaStor N4300's Backup and Recovery sphere includes snapshot support and—if the N4300 includes an integrated backup device—a means with which to launch the backup utility. You can create snapshots manually or on a timetable that you configure. By default, the MetaStor N4300 reserves 15 percent of the file-system space for storage of the original version of the data that changed after the snapshot was taken. You can change that percentage when you schedule a snapshot. When you create a manual snapshot, you can choose a directory to place it in. The MetaStor N4300 deletes snapshots whenever you reboot the system. If you need to retain a point-in-time snapshot, you can back it up to an attached backup device.

NetApp F840. The NetApp F840 supports snapshots. As Figure 6 shows, you simply select the hours on the clock representation and designate the number of hourly, nightly, and weekly snapshots you want the system to keep. The NetApp F840 supports Network Data Management Protocol (NDMP), a standard for communication between network-based backup applications and servers. The protocol lets a tape backup device attached to the unit or to a network workstation back up data on the unit.

NetFORCE 1500. The NetFORCE 1500 also supports snapshots. (Procom Technology calls them checkpoints.) From the Checkpoint item on the File/Volume menu, I was able to create both scheduled and manual checkpoints. All checkpoints appear as a new volume; for example, checkpoints for the volume I named GB50 appear as directories in the gb50.chkpnt volume. I created a CIFS share for that volume to expose the checkpoints in a way that Windows users would find easy to access. For full data backup, the NetFORCE 1500 lets you connect SCSI tape libraries and supports NDMP client/server systems over standard Ethernet or Gigabit Ethernet links.

RAIDserver V. The RAIDserver V doesn't support point-in-time data snapshots. However, the unit offers integrated support for several SCSI-connected tape-backup devices. Although the device I tested contained no tape device, the backup options in the RAIDserver V's administrative utility seem complete and easy to use. The system supports full, incremental, differential, and custom backups—on demand or according to a schedule.

Performance Comparisons
To assess the file-server performance of each unit, I used Quest Software's Benchmark Factory to create a set of file-access transactions, then varied the simulated user load, noting the point of maximum throughput. To create a meaningful comparison, I ran the same workload against a Compaq ProLiant DL580 server with four 700MHz Pentium III Xeon processors with 1MB of Level 2 cache and thirteen 18GB Ultra 3 SCSI 10,000rpm disks. I configured this reference system with a disk and memory complement as close to that of each of the NAS units as possible. In other words, I reconfigured some or all of the 13 disks to closely match the RAID configuration of the NAS device to which I was comparing the reference system. Similarly, I used the Maxmem option in boot.ini to limit the Compaq system's available memory to the amount with which the corresponding NAS device was configured. Therefore, you should compare these test results only to the similarly configured reference system. Unless otherwise noted, I generated the test load using 47 client systems allocated over three 100Base-T network segments, with the test system multihomed to the same three segments and to a network segment hosting DCs.

TaskSmart N2400. The TaskSmart N2400 that I tested contained 1TB of disk storage in four cabinets. However, I chose to test a more modest configuration that I could match to my reference system—one RAID 5 array of 13 disk drives in one cabinet. I created a pool over the entire array and a 100GB volume within the pool. The dual-processor N2400 posted a maximum throughput of 107.7 transactions per second (tps), compared with a 136.7 tps maximum throughput for a comparable configuration on the quad-processor reference system. The higher performance of the reference system is due primarily to two factors. First, although my tests involved Ultra 3 disks in both units, the reference system's SmartArray 5300 controller is a 160MBps Ultra 3 controller, whereas the TaskSmart N2400's Smart Array 4200 controller is an 80MBps Ultra 2 controller. (By the time you read this article, another version of the TaskSmart N2400 might be available with the newer Smart Array 5300 controller.) Second, the reference system contains four Xeon processors with 1MB of Level 2 cache, compared with the TaskSmart N2400's two Pentium III processors with 256KB of Level 2 cache. The TaskSmart N2400's impressive performance comes with a hefty price tag.

MetaStor N4300. The MetaStor N4300's 67GB test volume was striped across three 6-disk RAID 5 arrays, a configuration I couldn't precisely duplicate on my 13-disk reference system. Nevertheless, testing the MetaStor N4300 produced a lackluster 85.4tps maximum throughput. I called LSI Logic Storage Systems and implemented some tuning changes, but when I retested the unit, it didn't produce significantly different results.

NetApp F840. The NetApp F840, with a RAID 4 array over seven 36GB disks and 3GB of total system memory, produced a stellar maximum throughput of 341.4tps. Network Appliance also supplied Gigabit NICs that let me test another network configuration. In the second configuration, I connected my three segments of load-generating client computers to a Foundry Networks FWS24 Gigabit/100MB Ethernet switch. I connected the test server to one of the switch's two SX Gigabit Fiber ports. The Gigabit network modestly improved the NetApp F840's overall peak throughput to 356.7tps. By way of comparison, the reference system's peak throughput improved from 163.5tps with the 100MBps network to 171.3tps with the Gigabit network.

NetFORCE 1500. I configured the 512MB NetFORCE 1500 with a 50GB volume on a nine-disk RAID 5 array. Maximum throughput with my test suite was 95tps. The similarly configured four-processor reference system posted a throughput of 87.4tps. Considering the NetFORCE 1500's cost, the unit's test results are impressive.

RAIDserver V. I couldn't run my test suite against the RAIDserver V. First, two of my test transactions read blocks of data from a 5GB file—but the RAIDserver V supports a maximum file size of only 2GB. Second, my testing occurred before Raidtec's addition of Win2K support, and Raidtec sent an early build of software that supported the joining of Win2K domains. This build let me join a Win2K domain, but the RAIDserver V claimed to be a Domain Master Browser, causing a conflict with the true Domain Master Browser (i.e., the PDC-emulator DC) when the RAIDserver V was online. Raidtec reports that production builds of the software don't have such problems. Raidtec will likely have full Win2K support working by press time.

Database on NAS
Microsoft officially supports only Network Appliance's NetApp filers to host Microsoft SQL Server databases. Microsoft doesn't recommend NAS units for Microsoft Exchange Server database storage.

The reason for this limited support is simple. All access to data on NAS devices relies on the robustness of the TCP/IP protocol suite. The TCP/IP protocol tries to guarantee delivery of data across a network to the intended application but isn't always successful. Applications such as SQL Server and Exchange Server rely heavily on the complete integrity of their databases, and the current state of TCP/IP over Ethernet often falls short of providing complete data integrity.

Three Tiers
These five systems fall naturally into three categories. In the low-end category, both the NetFORCE 1500 and the RAIDserver V offer easy-to-use Web-based administration tools, although I'd give the ease-of-use edge to the NetFORCE 1500. The RAIDserver V is more expandable, but I experienced problems with Win2K domain participation, and the unit's 2GB file-size limit tripped up my testing.

In the high-end category, the NetApp F840 and the MetaStor 4300 are UNIX-based systems with multiterabyte storage capabilities. Both systems were more difficult to administer than the lower-end units, but the higher learning curve is to be expected, given the products' expansion capabilities. From a performance perspective, the NetApp F840 was the star of this show, providing performance that was double the speed of my 4-way reference server.

Finally, I'm placing the TaskSmart N2400 in a class by itself. Because the system is based on Win2K AS, Win2K administrators will find that it's the easiest of the systems to learn and manage.