Manualshelf

Release Notes

ManualsBrandsDell ManualsStorageDell Compellent FS8600
12345678910
Table Of Contents
Multitenancy Data Access Access through a VIP enumerates the SMB shares and NFS exports that belong to the tenant and
connect to these shares and exports. Each tenant has separate access control settings, including the ability to join the same or
separate Active Directory domains.
Multitenancy and Data Protection When the multitenancy feature is enabled on the local or partner systems, the global
administrator has the ability to create a partner relation between the tenants on the source system and tenants on the remote
system.
NOTE: The NAS Volume Subnet Restriction feature has been deprecated starting in FluidFS v6. Use the
multitenancy feature instead to restrict access to NAS Volumes.
SMB3.1 and SMB3.1.1
SMB protocol 3.1.1 dialect adds pre-authentication integrity, cipher negotiation, AES-128-GCM cipher and cluster dialect
fencing. Pre-authentication integrity improves protection from an attacker in tampering with SMBs connection establishment
and authentication of messages. The cipher can now be negotiated during connection establishment. In addition to AES-128-
CCM cipher used at SMB 3.0.x, Windows 10 (and Windows Server 2016) added AES-128-GCM cipher in SMB 3.1.1. The GCM
mode offers a significant performance gain.
SMB3 Multi-Channel
FS8600 supports multi-channel for SMB 3.x clients (Windows 8 and later, Windows Server 2012 and later). This feature allows
clients to create multiple TCP connections for a single SMB session. Multi-channel can improve performance by increasing the
number of commands the client can transmit simultaneously, and by allowing clients to use multiple physical network interfaces.
Administrators must enable SMB3.0 multi-channel if they want clients to be able to use it, as it might increase the number of
TCP connections. Administrators should enable it only after verifying that the current SMB sessions are not near the supported
limit for their FS8600 cluster.
SMB3 Dynamic Access Control
SMB3 dynamic access control enables administrators to apply access-control permissions and restrictions based on well-defined
rules that can include the sensitivity of the resources, the job or role of the user, and the configuration of the device that is
used to access these resources. Dynamic access provides tools for administrators to define privileges in a more compact way
than traditional ACEs.
NOTE: Dynamic access control is supported in Windows Server 2012 and Windows 8 operating systems only.
SMB Change Notify Full Support
WATCH TREE requests enable clients, such as IIS, to cache SMB share contents locally, improving performance.
Changes to the following subscription types now trigger change notifications to the subscriber:
Attributes Any attribute change on any file or directory inside the subscribed folder
Size Any file size change (change in file size when the file is actually written to the disk
Last write mtime change
Last access atime change
Creation Create time change
Security Security-descriptor change (SetACL with DACL/SASL, SetOwner, SetGoup)
Stream name Alternate data stream name is added
Stream size Alternate data stream size change
Stream write Alternate data stream write operation
NOTE:
These new change notifications are disabled by default. NAS administrators can enable or disable change notification
settings using the CLI. If the new change notifications are left disabled, changes will trigger a generic notification to
clients.
NAS administrators have per-NAS volume option to enable or disable recursive notifications.
3