Apple Xsan 1.4 User Manual

44

Chapter 2

Setting Up a Storage Area Network

Security Considerations

If your SAN will support projects that need to be completely secure and isolated from

each other, you can create separate volumes for each project to eliminate any

possibility of the wrong client or user accessing files stored on a volume.

As the SAN administrator, you control which client computers can use a volume. Clients

can’t browse for or mount SAN volumes on their own. You use Xsan Admin to specify

which clients a volume is mounted on.

You can also set up access control lists (ACLs) in Workgroup Manager or assign user

and group permissions to folders using standard file access permissions in the Finder.

Choosing RAID Schemes for LUNs

Much of the reliability and recoverability of data on a SAN is not provided by Xsan itself

but by the RAID arrays you combine to create your storage pools and volumes. Before

you set up a SAN, you use the RAID Admin application to prepare LUNs based on

specific RAID schemes.

Important:

If a LUN belonging to an Xsan volume fails and can’t be recovered, all data

on the volume is lost. It is strongly recommended that you use only redundant LUNs

(LUNs based on RAID schemes other than RAID 0) to create your Xsan volumes.

LUNs configured as RAID 0 arrays (striping only) or LUNs based on single drives are

difficult or impossible to recover if they fail. Unprotected LUNs such as these should

only be used for volumes that contain scratch files or other data that you can afford

to lose.

Xserve RAID systems ship already configured as recoverable RAID 5 arrays.