Globally Distributed Enterprise File Sharing with Azure NetApp Files and Talon FAST™

Modernizing distributed storage in Microsoft Azure

Streamline and simplify IT storage and infrastructure by centralizing unstructured data into

Microsoft Azure using Azure NetApp Files to provide fast local and geographically d istributed

access with Talon FAST™ .

Jaap van Duijvenbode – Talon Storage Solutions, Inc.

Geert van Teylingen, Andrew Chen – Microsoft

Will Stowe – NetApp

Revision 20190522.1 FINAL

In partnership with

2

Contents

1. Executive Summary ................................................................................................................................................. 4

2. Solution Overview ................................................................................................................................................... 6

3. About Talon FAST™ Intelligent File Caching ............................................................................................................ 8

4. Deployment Methodologies .................................................................................................................................... 9

Azure NetApp Files ..................................................................................................................................... 11

Talon FAST™ Fabric..................................................................................................................................... 12

Summary .................................................................................................................................................... 15

5. Deployment: Before you Begin ............................................................................................................................. 16

5. High-Level Architecture: Talon FAST™ with Azure NetApp Files .......................................................................... 18

Resources Required .................................................................................................................................... 18

Deliverables ................................................................................................................................................ 19

6. Provisioning Azure NetApp Files............................................................................................................................ 20

Storage Hierarchy ....................................................................................................................................... 20

Service Levels, Capacity and Performance ................................................................................................. 21

Example ...................................................................................................................................................... 22

7. Deploying Talon FAST™ Core + Edge Instances ..................................................................................................... 23

Deploying the Talon FAST™ Virtual Template ............................................................................................ 23

Login Credentials ........................................................................................................................................ 23

Network Configuration ............................................................................................................................... 24

Active Directory Configuration ................................................................................................................... 25

Software Installation Package (Update) ..................................................................................................... 27

8. Talon Licensing: License Management Server ...................................................................................................... 31

3

9. Configuring Talon FAST™ ....................................................................................................................................... 34

Talon Configuration Console ...................................................................................................................... 35

FAST™ Core Instance .................................................................................................................................. 35

FAST™ Edge Instance .................................................................................................................................. 35

Registering your FAST™ Core or Edge instance with FAST™ LMS .............................................................. 35

Configuring FAST™ Core instance – Service Account ................................................................................. 38

Configuring FAST™ Core instance – Backend File Servers ......................................................................... 39

Configuring the Talon FAST™ Edge Role .................................................................................................... 40

10. Implementing a Global Namespace using DFS-N .................................................................................................. 41

DFS Design .................................................................................................................................................. 41

Site Definitions and Site Links .................................................................................................................... 42

DFS Root Configuration default.................................................................................................................. 44

11. Financial Investment & ROI ................................................................................................................................... 49

4

1. EXECUTIVE SUMMARY

One of the biggest challenges distributed enterprises face is the evolution of consolidation and virtualized infrastructure.

However, maintaining responsiveness to user’s business needs remains a challenge. Many solutions have tried to provide

efficient data management, global enterprise file sharing, and collaboration, but lack the ability to guarantee a high-

quality end-user experience and maintain or improve enterprise (application) file access performance while simplifying

and improving day-to-day data management tasks and challenges.

By overcoming these challenges, IT organizations can secure and optimize the delivery of business services and data for

all users across the distributed enterprise—including those in or near cloud regions, internet breakouts, branch offices,

data centers, and individual endpoints. Solutions need to deliver increasingly high performance and consistent end-user

experience by enabling full-scale branch office consolidation and eliminating performance bottlenecks—regardless of

geographical location.

To be able to achieve seamless integration without disrupting current user workflow, experience and optimal

performance, intelligent storage solutions should transparently support the integral part of the Windows File Sharing

framework: the SMB protocol. Optimization is key to increase productivity for file-based applications and benefits by

improving user performance while significantly reducing costs by leveraging the customer’s server infrastructure.

Talon provides an intelligent edge-based global file sharing and collaboration environment that is application agnostic,

utilizes end-to-end distributed file locking, and guarantees file integrity between users in the globally distributed

environments—on-premise, in a public cloud, or both. This patented locking/leasing mechanism allows users to fully

benefit from industry standard application locking principles to ensure productivity and eliminate the loss of data or file

duplicates.

In today’s distributed enterprises, 70% of data currently resides at the "Edge" and there's a significant need for

organizations to secure and manage those file sets more effectively, and preferably centrally. Organizations will benefit

from the technical and business architecture that Talon FAST™, in combination with Microsoft’s Azure NetApp Files,

provides; this approach will transform global enterprise’s multi-site collaboration by guaranteeing improved end-user

productivity and business data protection.

Talon FAST™ and Azure NetApp Files help unify the distribution and presentation of globally accessible content for

distributed storage and business applications. The solution:

✓ Allows a “Single Set” of centralized data that is transparently available throughout the distributed

enterprise, at the datacenter, in branch offices, and remote locations as well as within the Azure Intelligent

Cloud

✓ Centralize and consolidate PB’s of unstructured data on the enterprise-grade Azure NetApp Files platform

file service, hosted in the Microsoft Azure Intelligent Cloud

✓ Benefit from a software-based solution that delivers global file sharing and collaboration with central file

locking, which allows for flexibility, scalability, ease of deployment, and simplified management

✓ Enhance RTO/RPO in terms of on-site infrastructure outage from days to minutes; users will be able to

continue working from their central data set while IT is restoring caching functionality

5

✓ Further enhanced RTO/RPO (down to minutes) by leveraging enterprise-grade time and space efficient

snapshots; backup and recovery of entire datasets (up to 100TiB in size) in a matter of minutes

✓ Deliver a unified approach to global file sharing that eliminates locally managed storage and backups

✓ Guarantees a high-performance end-user experience for critical business applications on-premise as well as

in the cloud

✓ Delivers a unified namespace by aggregating data sets into one “Single pane of glass” for teams globally

✓ Provides a cost-effective solution that simplifies it service management for the enterprise

6

2. SOLUTION OVERVIEW

Talon and Microsoft—powered by NetApp’s ONTAP—assist organizations with modernizing their distributed storage and

their journey into on-premise, hybrid, or public cloud infrastructure(s). This proven solution strategy allows enterprises to

centralize and consolidate unstructured data while leveraging a software fabric that caches “active data” sets in

distributed offices globally. As a result, business users are guaranteed transparent data access and optimal performance

on a global scale.

Talon + Azure NetApp Files: a “major step” in unstructured data management for the distributed enterprise

85% of companies are in the process of adopting a cloud transformation strategy. This means combining on-premise,

hybrid, and public cloud services and associated storage technologies, like file/block-based and object storage (e.g. Azure

BLOB) to host both structured and unstructured data.

Talon and Microsoft recognize the impact on the organization, end users, distributed IT strategy, datacenter, and cloud

operations. The Talon and Microsoft joint-solution approach allows for a scalable, flexible, and cost-effective solution

strategy by addressing all layers of the enterprise from end users, to branch offices, to the datacenter and cloud

infrastructure.

With Talon FAST™ Intelligent File Caching software and Azure NetApp Files, in conjunction with Microsoft Azure,

enterprises can do more than just control their data, they can revolutionize the way they manage unstructured data, both

in their daily operations and how users access that data globally and in-cloud.

Drastically reduce storage footprint

Consolidation with Azure NetApp Files, enhanced with Talon FAST™, enables distributed branch offices total access to the

entire directory structure, giving them streamlined access to all company data while only active data sets are cached

locally. Users have immediate access to all centralized data, which could be 100s of TBs or even PBs of unstructured data,

but only data that is relevant to the user population in that specific site is cached locally in the FAST™ Edge cache.

Additionally, as the active dataset ages over time, the FAST™ Intelligent File Caching purging mechanism clears the least

recently used (LRU) cached files from the local storage cache volume(s).

Streamline and simplify distributed IT

As organizations are aiming to centralize and consolidate their branch office IT storage assets, eliminating complexity and

backups provides significant cost savings. As Talon FAST™ deploys transparently on a (virtual) Microsoft Windows Server

instance, on traditional servers, or on virtualization platforms like Microsoft Hyper-V or VMware vSphere, enterprises can

consolidate local storage and embed services like Microsoft Active Directory, DNS/DHCP, DNS, DFS Namespaces, and

Software Distribution in their streamlined and standardized branch office IT image. Since the actual data is consolidated

and stored safely and securely in Azure, a variety of data management tasks like backup and restore (BU/R), disaster

recovery (D/R), and archiving can now be handled centrally as well, leveraging powerful mechanisms like time and space

efficient snapshots and replication within the Azure Intelligent Cloud. This not only simplifies operations (by taking away

these tasks at “the edge”) but also allows for achieving more aggressive SLAs, further enhancing the business and taking

away business risks.

The FAST™ Fabric, transparently integrated with Azure NetApp Files

By overlaying the Windows File Sharing mechanism, the Azure NetApp Files enterprise platform, which stores

unstructured data on centralized SMB/file shares in Microsoft Azure, can be made globally accessible by implementing

7

Talon FAST™ software. FAST™ provides an edge-based Virtual File Share and Intelligent File Cache at each location, fully

integrating with security principles like Active Directory, ACLs, NTFS permissions, and DFS Namespaces.

Ensure optimal user experience

With Talon FAST™ Intelligent File Caching software, your distributed users are guaranteed an optimal experience. By

accessing and collaborating on data in real-time—transparent to all client platforms—users will feel as if they’re all

working in the same office, anywhere in the world, regardless of bandwidth, latency, and distance.

Unleash the power of the Azure Intelligent Cloud

While the all data can be made accessible globally, the file service also allows for direct access to the data in-cloud. This

means advanced (IaaS) applications, as well as a variety of platform (PaaS) services, can access the data directly in Azure

NetApp Files, providing an extremely powerful, fast, and scalable capability to enhance the business once in Azure. This

could entail file indexing, searchability, HPC, and analytics capabilities readily available in Azure or as 3rd-party offerings,

just to name a few.

8

3. ABOUT TALON FAST™ INTELLIGENT FILE CACHING

Organizations are facing excessive growth of unstructured data and need the ability to centralize and manage those data

sets efficiently. The largest Global 2000 Companies in Architecture, Engineering, Construction, Manufacturing, Energy,

Offshore, Healthcare, Financial Services, and Legal have partnered with Talon to centralize and consolidate unstructured,

file-level data more effectively using their existing datacenter storage while enabling real-time Global File Sharing and

Collaboration for the distributed enterprise.

With Talon’s patented approach to enabling a “Single Set of Data” and leveraging the principles of our Intelligent File

Cache and Virtual File Share, users have seamless access to their centralized datasets in the datacenter, all while quickly

accessing and working on their Active Dataset cached locally.

Talon FAST™ installs on top of Windows Server 2012 R2 or Windows Server 2016 on virtual appliances in Azure and at

each distributed branch office (of choice). Branch offices users connect to their branch office Edge instance which

communicates with the Core instance to provide access to the data as well as central global file locking. The data is

locked, compressed, and streamed to the Edge’s Intelligent File Cache and is then served to the user for utilization.

Talon’s Delta Differencing mechanism allows only the changes to files to be effectively flushed back to the authoritative

source in Azure. Since the data is maintained as closely as possible to the users, they have a highly optimized data access

experience in their daily workflow.

Users outside of the branch office, possibly from home or on-the-road locations, can connect to the central dataset using

their existing VPN connection. This gives users the ability to work remotely outside of a branch office but still access and

collaborate on the centralized data sets. With users going directly to the data source in Azure, it mitigates the traversal

time and latency of connecting via VPN to a branch office Edge instance, which in turn is connected to the Core instance.

More information can be found at https://www.talonstorage.com

9

4. DEPLOYMENT METHODOLOGIES

Talon FAST™ Intelligent File Caching software can be deployed in various ways, either on physical hardware or on

virtualization platforms including Microsoft Hyper-V, VMware, or others. Depending on the client’s needs, the software

can be architected as a hub-and-spoke, symmetric, or hybrid deployment.

The most common topology is a hub-and-spoke deployment, as it is typically used for the purpose of data centralization

and consolidation of storage from distributed branch offices into a datacenter. This paper describes the integration of

Talon FAST™ with Azure NetApp Files, which enables consolidation of all enterprise data onto the secure and scalable

platform for access by any/all users worldwide.

Operating environment summary

The topology referenced herein is a hub-and-spoke model, whereby the network of distributed offices/locations are all

accessing one common set of data in the customer’s public cloud platform of choice. The key points of the reference

architecture are as follows:

1. Centralized data store: Azure NetApp Files service in Microsoft Azure Intelligent Cloud

2. Talon FAST™ Fabric: Extension of the central data store to the distributed locations

a. Talon FAST™ Core VM instance(s), (i.e. DS4_v3), mounting to Azure NetApp Files file shares (SMB) in

Microsoft Azure

b. Talon FAST™ Edge instance(s), running in each distributed location

i. Presents a Virtual File Share that provides access to central data in real-time

ii. Hosts the Intelligent File Cache on a custom-sized NTFS volume (D:\)

iii. Caches “active” data on-demand or by leveraging scheduled pre-population jobs

3. Network connection

a. Microsoft Azure ExpressRoute

b. Virtual Private Network connectivity

c. SSL connection

4. Integration with customer’s Active Directory Domain

5. DFS-Namespace for the use of a global namespace (recommended)

a. Create a unified namespace for users to access data in a consistent manner, always using the local

cache in the (nearest) branch office or directly in Microsoft Azure

b. Leverage Active Directory Sites & Services to enable location awareness and failover/failback

redundancy in case of local branch office outage

c. Aggregate centralized volumes, file shares, and services into a single namespace to allow multi-PB scale

10

Centralized data store with Azure NetApp Files

The main repository for the unstructured data is a (number of) share(s) configured on the customer’s Azure NetApp Files

storage account, hosted in the Microsoft Azure, providing direct SMB access. The customer’s file storage solution

provides volumes associated with corporate file shares hosted on Azure NetApp Files.

See figure below.

This centralized approach to storage management enables organizations to leverage their public cloud and datacenter

best-practices for unstructured data in the enterprise, and to scale storage on-demand, using their proven solutions and

processes for file capacity expansion, offsite storage, and data archiving.

11

AZURE NETAPP FILES

Azure NetApp Files is a powerful, cost-effective, and easy-to-use data management solution for your enterprise cloud

NAS storage workloads. With Azure NetApp Files, organizations can build a public cloud “datacenter” that is the

foundation of a Data Fabric that services the needs of users worldwide. IT teams can then seamlessly manage data as it

flows to wherever needed most, leveraging a centrally managed approach to all data, with the benefits and scale of

public cloud.

Azure NetApp Files addresses challenges the digital enterprise faces by:

✓ Consolidating distributed file servers into Microsoft Azure

✓ Managing distributed storage and IT infrastructure

✓ Simplifying deployment and data management

✓ Flexibly supporting your changing business needs

✓ Providing scalable, on-demand capacity and performance

✓ Powering your enterprise applications, both on-premise as well as in the cloud

Enterprises can simplify their storage environment with proven operational efficiency by leveraging economies of scale

and the resiliency of the Microsoft Azure public cloud infrastructure and services. Data is secured with built-in encryption

and a consolidated approach with local caching gives a global view of storage with a single management console and a

single physical footprint.

Azure NetApp Files features

✓ Seamless workload migration

✓ Low cost Disaster Recovery using public cloud

✓ Reduced storage footprint

✓ Grow-as-you-go file shares

✓ Automated DevOps environments

✓ Azure NetApp Files managed encryption at rest

✓ Cost effective data protection

Unified data management using Public Cloud

Azure NetApp Files allows the enterprise to simplify operations by unifying data management across a consolidated data

footprint. This benefit is further expanded when all enterprise data—even that used primarily by users outside of the

datacenter locale—are using the centralized and consolidated infrastructure, hosted in the public cloud. This provides the

ability to increase the efficiency of IT staff as they can easily move data and scale storage resources when and where

they’re needed most. Azure NetApp Files as a foundation for a global Data Fabric brings increased flexibility, control, and

security across the public cloud storage environment.

12

TALON FAST™ FABRIC

By introducing the Talon FAST™ software and integrating the FAST™ Fabric with existing storage at the datacenter, all

distributed locations can use the centralized Azure NetApp Files file storage resources as if they were local. The result is a

single, centralized storage footprint, versus a distributed storage architecture that requires local data management,

backup, security management, storage, infrastructure footprint, etc. in each location.

The Talon FAST™ Edge instances transparently integrate with the FAST™ Fabric at the customer’s traditional or cloud

datacenter:

1. Distributed locations connect to traditional or cloud datacenter via the Talon FAST™ Fabric

2. Software provides a Virtual File Share and Intelligent File Cache at each location

3. Enables high performance global file sharing with real-time distributed file locking

The software overlays the Microsoft Windows File Sharing mechanism, fully integrating with Microsoft security principles

like Active Directory, ACLs, and NTFS permissions, thereby allowing it to perform at a global scale, even in locations that

are challenged with poor connectivity (low bandwidth or high latency).

✓ Flexible: Storage agnostic, works with any SMB infrastructure including Azure NetApp Files

✓ Intelligent: Caches only what’s needed at the branch (active dataset)

✓ Zero-touch: Automatically purges “stale” cached files over time (LRU)

✓ Performant: Compresses, streams, and reduces data

✓ Consistent: Distributed file locking for enterprise applications

Talon FAST™ Core instance

Sitting in front of the Azure NetApp Files storage service is a single or

multiple FAST™ core instances, each configured on a VM instance. The

FAST™ core will extend the centralized file shares to the organization’s

distributed locations and acts as a “traffic cop” between users in the

distributed locations and the actual file storage in Azure NetApp Files

volume(s).

By leveraging the Talon FAST™ core instances, ACLs and NTFS file semantics are fully supported to ensure data coherency

and integrity; in addition, distributed file locking is ensured regardless of where in the world users are physically located

when they open and work on files.

Talon FAST™ Core instance(s)

1. Mounts corporate file shares, hosted on Azure NetApp Files

2. Provides data-in-transit encryption, streaming and compression between Microsoft Azure and edge

3. Manages distributed file locks / leases, directly handled by the Azure NetApp Files service

13

Talon FAST™ Edge instance

Each distributed office will run an instance of the Talon FAST™ software, configured as an edge instance; the edge VMs

provide the critical performance-enhancing functions such as file caching, file-level differencing, and local service to

users. Each Edge will present the users in that location full visibility to all the datacenter shares to which they are

authorized, essentially allowing even smaller locations the ability to leverage all enterprise information assets without the

need for that data to be physically housed on-site.

The Edge instances can run on Windows Server 2012 R2 and above, either on physical

hardware or virtual infrastructure in the remote location, and will employ an Intelligent

File Caching partition which uses an array of algorithms to retain the most active data

set for that location, ensuring optimal performance for users located there.

Talon FAST™ Edge instance

1. Software Installation Package or Virtual Appliance running on Windows Server 2012 R2 and above

2. Creates a Virtual File Share (e.g.): \\Edge\FASTData\[datacenter]\[fileserver]\[share]\[folder]\

3. Contains the FAST™ Intelligent File Cache

Network connectivity

Connectivity is provided by the customer’s existing network infrastructure, either Microsoft Azure ExpressRoute, or a

secure site-so-site or point-to-site Virtual Private Network (VPN) connection between each location needing access to the

centralized data and the datacenter. With Talon FAST™, there is also the choice of enabling an SSL connection between

the Core and Edge instances if there is no direct connection or VPN available or feasible. When using a VPN, the VPN

must be capable of carrying bidirectional traffic on TCP ports 6618-6630 between the FAST™ Edge and the corresponding

FAST™ Core instance(s).

Configuration guidelines

Please review the Talon FAST™ Hardware and Software requirements and Application Best practices guides at

www.talonstorage.com/support/download (needs registration) to ensure optimal deployment and performance.

14

User experience

By using the Talon FAST™ solution to extend Azure NetApp Files centralized file shares to globally distributed users, these

users have access to these shares via either a UNC path or a DFS Namespace.

The user experience for properly configured systems is analogous to the experience of having a local file server; i.e. users

or applications can navigate to a directory structure, select shares/folders, and work with files. The complete range of file

operations (open, save, copy, paste, etc.) are available to the user requiring no change in workflow.

1. When a user requests use of a file in the central repository, Active Directory will authenticate that user’s access

rights

2. After a successful authentication, the file is opened centrally from the backend file server by the FAST™ core,

and a lock is applied (centrally on Azure NetApp Files) to that file

3. If the file has not ever been used by a user in that location, the file is served using the proprietary streaming and

compression technologies inherent in the FAST™ solution to improve performance

a. If, however, the file has been used by any user in that location before, it is likely already present in the

local cache; in this case the file will be served out of the local cache without incurring network transfer

operations, thereby providing a high-performance experience

i. If the file version in local cache is not the most up-to-date version that is in the authoritative

backend file server repository, any differences (and only the differences) will be sent to the

local cache and merged with the cached version of the file upon open; this maximizes

performance and minimizes network resource use

ii. Note: the file remains locked at the central repository, and was only served after

authentication and lock were performed

4. User operations continue as normal, and any updates/changes/writes will be cached locally

5. Upon save/exit, any changes to the file will be differenced back to the authoritative central copy

6. Upon exit, after the saves are completed centrally, the file is closed, and the lock will be released and available

to other users

15

SUMMARY

This combination of Azure NetApp Files and Talon FAST™ software allows enterprises to consolidate their unstructured

data to a centralized “single set of data,” taking advantage of the flexibility, availability, and economics of a centralized

storage model in the public cloud for one of their largest use cases— unstructured data—while maintaining a reduced

storage footprint at the datacenter and distributed branch locations.

The resulting effect(s) on the business are significant:

✓ A consolidated file storage environment leveraging the benefits of the public cloud and the scalability and

performance from an enterprise storage service

✓ A reduced storage infrastructure footprint at distributed locations through Intelligent File Caching

✓ Significant cost savings in the hardware and management aspects of providing file services to distributed users

✓ The ability to leverage the enterprise-class scale, flexibility, and security of Azure NetApp Files-resident data

across all users, regardless of location, both on-premises as well as in-cloud

✓ Increased flexibility and agility through enhanced global collaboration

✓ Enhanced security and compliance by removing the risk of data loss/leak at distributed locations through error,

disaster, and intrusion

16

5. DEPLOYMENT: BEFORE YOU BEGIN

Consult the Azure NetApp Files requirements at:

▪ https://docs.microsoft.com/en-us/azure/azure-netapp-files/ ▪ A minimum of one Azure NetApp Files capacity pool of any desired (performance) service level and an SMB

volume need to be created Consult the Talon FAST™ Solution Requirements at:

▪ https://www.talonstorage.com/products/fast-product-requirements

Download the Talon FAST™ Virtual Template(s) and Software Installation Packages from:

▪ http://www.talonstorage.com/support/downloads (needs registration)

To complete basic FAST™ configuration tasks, you will need the following information:

▪ (Static) IP addresses for each Talon FAST™ instance ▪ Subnet Mask ▪ Gateway IP address ▪ The FQDN you wish to assign to each FAST™ server ▪ The DNS suffix (optional) ▪ The user name and password of an administrative user in the domain

FAST™ Core instances only:

▪ The domain name, username and password of the FAST™ Service Account. ▪ The FQDN server name of data center file servers ▪ Deployment within the Azure NetApp Files vNET, or peered vNET within the region, is required

FAST™ Edge instances only:

▪ The FQDN and/or IP address of the associated Core server(s). ▪ A Volume to be used as the Intelligent File Cache. It is recommended this be at least 2x the size of the

“active” dataset. This should be formatted as NTFS and assigned as D:\.

Commonly used TCP ports:

There are several TCP ports used by FAST™ services. It is mandatory the devices can communicate on these ports and they be excluded from any WAN Optimization devices or Firewall restriction policies.

• FAST™ LMS and LMC Licensing TCP Port: 443 o FAST™ LMS instance needs to be able to connect to the FAST™ subscription service (Azure Services / public

internet) using HTTPS (TCP port 443) to obtain licensing credentials. o The following URLs are accessed by the LMS instance:

• https://talonazuremicroservices.azurewebsites.net

• https://talonlicensing.table.core.windows.net • FAST™ TCP Ports: 6622-6625 (SSL Encrypted)

• Network optimization devices (i.e. Riverbed Steelhead) must be configured to “Pass-thru” Talon-specific ports

17

Configure antivirus exclusions Antivirus software or other third-party indexing or scanning utilities should never scan drive D:\ on the Edge instance. These scans of Edge server drive D:\ will result in numerous file open requests for the entire cache namespace. This will result in file fetches over the WAN to all file servers being optimized at the data center. WAN connection flooding and unnecessary load on the Edge instance will occur resulting in performance degradation. In addition to the D:\ drive, the following Talon FAST™ directory and processes should generally be excluded from all antivirus applications:

• C:\Program Files\TalonFAST\

• C:\Program Files\TalonFAST\Bin\LMClientService.exe

• C:\Program Files\TalonFAST\Bin\LMServerService.exe

• C:\Program Files\TalonFAST\Bin\Optimus.exe

• C:\Program Files\TalonFAST\Bin\tafsexport.exe

• C:\Program Files\TalonFAST\Bin\tafsutils.exe

• C:\Program Files\TalonFAST\Bin\tapp.exe

• C:\Program Files\TalonFAST\Bin\tfs.exe

• C:\Program Files\TalonFAST\Bin\TService.exe • C:\Program Files\TalonFAST\Bin\tum.exe

• C:\Windows\System32\drivers\tfast.sys

• \\?\TafsMtPt:\

• \Device\TalonCacheFS\

Service account specifics When a Talon FAST™ instance is designated the Core role, FAST™ Edge instances will connect to it to access cloud file service resources. The services on this instance run as a specific domain user account. This account, also known as the “Service Account”, must have the following privileges on each of the Azure NetApp Files SMB volumes that will be associated with the FAST™ Core instance(s):

• The provisioned Service Account must be a domain user o Depending on the level of restrictions and GPOs in the network environment, this account may require

domain admin privileges

• It must have “Log on as a Service” privileges

• The password should be set to “Never Expire” • The account option “User must change password at next logon” should be DISABLED (unchecked)

• Must be a member of the backend fileserver’s local “Backup Operators” groups or “Backup Operators” group in the Active Directory domain when using integrated storage platforms

18

5. HIGH-LEVEL ARCHITECTURE: TALON FAST™ WITH AZURE NETAPP FILES

Talon has identified the following deployment strategy as ‘de-facto’ standard deployment using Azure NetApp Files in

Microsoft Azure, deploying a single or (clustered) FAST™ Core instance(s) next to it, followed by the deployment of the

FAST™ Edge caches at the remote locations using either a .OVA/.VHD template or Software Installation package.

Resources Required The following VM instances need to be provisioned in Microsoft Azure Cloud and in the respective offices. Pricing tiers and service fees may vary, exact calculations can be made at https://azure.microsoft.com/en-us/pricing/calculator/

Instance Location (e.g.) Purpose

Azure NetApp Account West Europe Azure NetApp Files storage account SMB volume(s)

FAST™ Core VM instance

(Standard_D4s_V3) West Europe

Talon FAST™ Core Instance (Active)

Talon License Manager Server

FAST™ Edge VM instance Amsterdam Talon FAST™ Edge Instance (Active)

FAST™ Edge VM instance New York Talon FAST™ Edge Instance (Active)

FAST™ Edge VM instance Sydney Talon FAST™ Edge Instance (Active)

19

Deliverables

The main cloud storage “repository” will be a (collection of) Azure NetApp Files SMB volumes. These volumes will be

created in the regions of choice, and further enhance with the Talon FAST™ Edge and Core instances.

The Talon software will be deployed in Microsoft Azure primary region and identified datacenter regions/branch office

sites, using Windows Server 2016 and interconnected through an ExpressRoute, MPLS, VPN connection initiated from the

branch office, allowing for IPv4 transport between the Talon Core and Edge instance.

The clients/users will authenticate in the local region and will be able to connect to the datacenter/branch office, while

locally accessing the Talon Edge instance for the respective scenario. Each Talon Edge instance presents a FASTData file

share which will be accessible locally through mapping a drive letter to \\Edge\FASTData\ or using a DFS Namespace.

20

6. PROVISIONING AZURE NETAPP FILES

A lot of effort has been put in making Azure NetApp Files highly-performant and scalable, yet easy to consume. A lot of

the complexity of managing an enterprise NAS platform has been removed by fully integrating the ONTAP platform into

the Azure Resource Provider framework. This means Azure NetApp Files is directly configurable and accessible through

the Azure portal.

Storage Hierarchy

Azure NetApp Files consists of a new storage “Azure NetApp” account type within a customer subscription. A total of 10

Azure Storage accounts can be created, each tied to a specific Azure region in which Azure NetApp Files is available.

Within each Azure NetApp Account, a maximum of 25 “Capacity Pools” – with a maximum of 500 TiB – can be created,

and each with a specific Performance Service Level. This means that currently a total of 12.5 PiB of Azure NetApp Files

storage can be managed under one single Azure Subscription.

Finally, within each Capacity Pool “Volumes” – with a minimum size of 100 GiB and a maximum of 92 TiB – can be

created, which can then be configured for NFS or SMB access. These are the entities which will be shared out over the

vNET in which the volumes are provisioned. Both the capacity pools and volumes can dynamically be increased and

decreased in size in order to always match the customer’s business and capacity requirements.

21

Service Levels, Capacity and Performance

Azure NetApp Files is a fully dynamic, on-demand cloud consumable, high-performance, enterprise NAS service. This

means that the service can provide various Performance Service Levels in order to be able to match any customer

business requirement. The overall performance of the service is based on two key aspects: Service Level and Provisioned

Capacity. At the time of writing Azure NetApp Files provides two Service Levels for each provisioned Capacity Pool:

Standard and Premium. A third (Ultra) Service Level is expected to arrive in 2QCY19.

The following table provides shows the performance per Service Level for each TiB provisioned capacity:

The actual performance of a Volume (as shared over the network) however is dependent on the size (quota) of the

volume, following this rule:

It is important to keep in mind that:

1. The maximum total available performance is dependent on the size of the capacity pool and its Service Level

2. The actual volume performance is dependent on the size (quota) of the volume and the Service Level

This approach allows for the dynamic control of:

• Capacity: Capacity Pools and Volumes can be resized on-the-fly, allowing for on-demand provisioning

• Performance: performance can be scaled for on-demand burst use by resizing Volumes (and Capacity Pools)

• Cost: Azure NetApp Files is measured hourly, and charged monthly, per provisioned Capacity. Downsizing

Capacity Pool when performance is not needed results in cost control based on the on-demand provisioning

nature of the service.

22

Example

In this example three volumes are created of different sizes, e.g. to match a customer’s departmental usage. This way

both capacity and performance can be scaled, and—if preferred—charged back based on the departmental usage and

preference. These volumes would then form the basis of the centralized storage and (remote) provisioning and access

will then in turn be enhanced through the Talon FAST™ Edge and Core infrastructure.

For provisioning instructions of Azure NetApp Account, Capacity Pools and Volumes refer to the online documentation

here: https://docs.microsoft.com/en-us/azure/azure-netapp-files/azure-netapp-files-register#register-the-netapp-

resource-provider

Note: To ensure end-to-end secure data access, the Azure NetApp Files service needs to be joined into the same Active

Directory Domain as the Talon FAST™ Core instance (as described below).

23

7. DEPLOYING TALON FAST™ CORE + EDGE I NSTANCES

Deploying the Talon FAST™ Virtual Template

If you are deploying Talon FAST™ using the .OVA or .VHD virtual machine template, follow the steps as outlined in this

section. In this document we assume that you understand how to deploy the .OVA or .VHD template on the designated

hypervisor platform. For both Talon FAST™ Core or FAST™ Edge roles, the same principles apply. Follow the configuration

steps as outlined in chapter 9 of this document to configure the designated role.

Note: Ensure that virtual machine preferences, including resource reservations, are in line with the requirements as

outlined in the Talon User Guide.

Once the Virtual Template has been deployed, and virtual machine settings have been configured, feel free to start the

Virtual Machine. During initial boot, when the Windows Server 2012 R2 operating system is preparing for first use,

complete the out-of-the-box experience by installing the correct drivers and installing the necessary components for the

respective hardware.

When the base install of the FAST™ virtual instance has been

completed, the Windows Server 2012 R2 operating system will

guide you through an initial configuration wizard to configure

operating system specifics such as localization and product key.

Once the initial configuration wizard has completed, login locally

to the Windows Server 2012 R2 operating system with the

following credentials:

LOGIN CREDENTIALS

Username: FASTAdmin

Password: Tal0nFAST!

24

NETWORK CONFIGURATION

To successfully deploy Talon FAST™, you need to configure some basic settings such as IPv4 address, NetBIOS name, and

domain membership through the Microsoft Windows Server 2012 R2 Server Manager management console, which is

automatically started after logging in to the FAST™ instance using the local FASTAdmin account.

Click “Local Server” in the left pane and click the blue

text next to “Ethernet” to open the Network

Connections available to this instance.

Virtual appliances typically provide a single Local Area

Connection to guest operating systems, which is based

on the 1Gbps VMXNET3 interface.

This document only covers the basic configuration of IPv4 addresses, subnet mask, gateway, and DNS server settings

using the “Local Area Connection” virtual network adapter, which is applicable to any FAST™ appliance.

▪ Right-click the “Local Area Connection” adapter

▪ Click Properties ▪ Select Internet Protocol 4 (TCP/IPv4) ▪ Click Properties

This opens the basic IPv4 configuration window. In order to manually

configure the IP address, gather network information from page 4 and

fill out the following fields:

▪ IP Address ▪ Subnet mask ▪ Default Gateway ▪ Preferred DNS Server ▪ Alternate DNS Server ▪ Click “OK” to confirm configuration

The FAST™ instance is now configured to communicate with other devices on the network to join the Active Directory

domain.

25

ACTIVE DIRECTORY CONFIGURATION

Please follow the NetBIOS and Domain configuration steps as outlined in this section.

Note: Screenshots used throughout this document based on Microsoft Windows Server 2012 R2. Your experience may

vary from what is shown.

The Talon FAST™ instance needs a unique NetBIOS computer name. It is recommended to adhere to the company’s

naming scheme for ease of management.

In many cases, the NetBIOS computer name

represents a logical name including a

geographical location, i.e.

Core FAST™ appliance located in Amsterdam

▪ “AMS-FAST1”

Edge FAST™ appliance located in London

▪ “LON-FAST1”

Use the Microsoft Windows Server 2012 R2 Server Manager console to configure the FAST™ instance’s NetBIOS name by

clicking “Local Server” in the left pane.

Click the blue entry next to “Computer name” to open the System Properties window. Click the “Change…” button to open the Computer Name/Domain Changes window Type the desired NetBIOS name in the “Computer Name” field Select “Member of” Domain Type the Active Directory FQDN Confirm by clicking “OK”

Complete the Configuration:

26

• Provide a Domain Administrator’s username and password

• Confirm by clicking “OK”

Once the FAST™ instance is successfully joined to your company’s Active Directory domain, perform a system reboot by

clicking “Restart Now”.

27

SOFTWARE INSTALLATION PACKAGE (UPDATE)

Talon often releases updates to the software, either patches, enhancements, or new features/functionality. Although the

virtual template (.OVA and .VHD) images contain the latest GA release of the Talon FAST™ software, it could be possible

that a newer version is available on the Talon Support Download portal.

Ensure that your Talon FAST™ instances are up to date with the latest GA version available at

http://www.talonstorage.com/support/downloads

Note: This software package can also be used for pristine installations on Microsoft Windows Server 2012 R2, Windows

Server 2016 Standard or Datacenter, or used as part of your upgrade strategy.

Below you can find the steps required to update the Talon FAST™ software installation package:

▪ After saving the latest installation package to the desired Windows Server instance, double-click it to run the

installation executable. Your version number may differ slightly from what is shown below.

▪ Click the "Next" Button to continue the process

28

▪ Optional: check the desired boxes if configuring the Core using Microsoft Clustering Services or if utilizing Azure

Files as a backend server (internet access is required to install these additional features).

▪ Click "Next" to continue

▪ Accept the Licensing Agreement and click “Next”

29

▪ Select the desired Installation Destination Location.

Note: it is recommended that the default installation location be used

▪ Click “Next” to continue

▪ Select the Start Menu Folder

▪ Click “Next” to continue

▪ Verify the desired installation parameters and click “Install” to begin the installation

30

▪ The Installation Process will execute

▪ Once the installation has completed, reboot the server when prompted

31

8. TALON LICENSING: LICENSE MANAGEMENT SERVER

Talon FAST™ includes a software-based License Management Server (LMS), which allows you to consolidate and simplify

your overall license management and deploy licenses to all core and edge instances using an automated mechanism.

How it works

When you deploy your first core instance in the datacenter or cloud, you can choose to designate that specific instance to

become the LMS for your organization. This LMS instance is configured once, connects to Talon subscription service

(HTTPS) and validates your FAST™ subscription using the customer ID provided by our support/operations department

upon enablement of the Talon FAST™ subscription.

Once you have deployed your LMS instance, you need to associate your edge instances with the LMS by providing your

customer ID and the IP address of the LMS instance. This process can be executed manually or automated. For

automation options, either through registry, GPO or PowerShell DSC, or consult your Talon Solutions Engineer.

Subscription Updates

The Talon subscription service is designed to simplify license management. Once you have renewed or extended your

FAST™ subscription, our support/operations department will centrally update the license details, i.e. the number of sites

or subscription end date. Once LMS queries (HTTPS) the FAST™ subscription service, the license details will be

automatically updated on the LMS instance and the (new) license details will apply to your FAST™ core and edge

instances.

Caching

The LMS instance gathers the subscription information, including the number of sites and the end date associated with

the FAST™ subscription. The LMS instance caches these details in case the LMS is disconnected from the internet or the

Talon subscription service is unavailable so you can continue to deploy and validate your licenses.

Requirements

▪ FAST™ LMS instance should be configured on a Microsoft Windows Server 2012 R2 or Windows Server 2016

Standard or Datacenter edition, preferably the Talon FAST™ core instance in the datacenter or cloud

▪ If you require a separate FAST™ LMS instance, you need to install the latest FAST™ software installation package

on a pristine Microsoft Windows Server instance

▪ FAST™ LMS instance needs to be able to connect to the FAST™ subscription service (Azure Services/public

internet) using HTTPS (TCP port 443)

▪ FAST™ core and edge instances need to connect to the FAST™ LMS instance using HTTPS (TCP port 443)

32

Deploying Talon FAST™ LMS instance

In this example, we will configure the LMS service on a Talon FAST™ core instance running Talon FAST™ 4.8 in a Microsoft

Azure region. This is a one-time exercise that allows you to complete the FAST™ LMS deployment.

To start the LMS configuration, open the Talon FAST™ Configuration Console from the designated FAST™ LMS instance

(i.e. initial FAST™ core instance in the environment) and select the option in “System Configuration.”

Or open a web browser (Internet Explorer) and navigate to the following URL:

https://localhost/lms/api/v1/config/lmsconfig.html

▪ Click “Continue to this website (not recommended)” to continue

A webpage will be presented, which allows you to configure the LMS or check existing license information.

33

▪ Choose the mode of registration by selecting “On-Premise LMS”

Note: Azure based LMS is only used when purchasing a Talon FAST™ BYOL or Pay-as-you-go subscription through

Microsoft Azure Marketplace. For an on-premise deployment, select the “On-Premise LMS” option.

You will be prompted to enter the Customer ID (case sensitive) as provided by Talon support/operations department, i.e.

XYZINC.

▪ Click “Register LMS” to complete the registration process. You will receive a message that confirms successful

registration.

34

9. CONFIGURING TALON FAST™

Initial Configuration Wizard

Talon FAST™ 4.8 includes a ‘Configuration Wizard’ for pristine installations of the software. This wizard will guide you

through the process of associating your Talon FAST™ instance with your existing license manager and quickly deploy core

or edge instances.

Once you completed the deployment of the Talon FAST™ virtual instance and committed a reboot, you can start the

configuration wizard by clicking the “Talon FAST™ Configuration Console” icon on the desktop.

• In the opening screen, select “License Manager” and click next

• Follow the steps prompted to complete the Talon FAST™ licensing configuration using the IP address of your

LMS instance and the customer ID provided by Talon

• Based on your selection FAST™ Edge or Core instance, you will be guided through the process of deploying basic

settings associated with the configuration

Note: You may skip the Configuration Wizard and launch the FAST™ Configuration UI by checking the box on the initial

Configuration Wizard screen and clicking “Exit.”

35

Talon Configuration Console

Once the initial configuration wizard has completed, you can launch the “Talon FAST™ Configuration Console” from the

desktop. The Talon FAST™ Configuration console allows you to configure basic System Settings, FAST™ Core and Edge

settings:

Registering your FAST™ Core or Edge instance with FAST™ LMS

Note: the following steps are only required if you skipped the initial configuration wizard or upgraded from a previous

Talon FAST™ software release.

Now that the Talon FAST™ LMS is correctly registered and associated with the FAST™ subscription service, you need to

license the first host in the environment, which is typically the Core instance.

▪ Open the Talon FAST™ Configuration Console from the desktop

▪ Click on “Perform” next to License Configuration in the Initial Configuration section or navigate to the “System

Configuration” tab, which opens the License Manager tab

FAST™ Core Instance

1. Provide the Service Account

Must be a member of backup operators

group on the datacenter file server (i.e FS1)

2. Add the datacenter file server to the list of

backend file servers i.e. FS1

3. Configure Global/Server Exclusion Lists or

Remote Inclusion Lists

4. Configure Selectable File Handling

5. Schedule Pre-population jobs

FAST™ Edge Instance

1. License the Edge Instance

2. Associate the Talon Edge instance with the

Talon Core instance at the datacenter or in the

cloud

o FAST™ Fabric ID (Location)

o IP Address/FQDN of the Talon Core

instance

3. Schedule Edge Pre-population jobs

4. Advanced Settings

36

▪ Provide the IP address of the FAST™ LMS instance, i.e. 1.2.3.4 and Customer ID (i.e. XYZINC)

▪ Select the intended server role, Core or Edge and click “Register” to confirm

Once this Talon FAST™ instance has been configured it will register with the FAST™ LMS instance and a confirmation

message is shown that the site has been registered successfully.

▪ Click “OK” to close this message

37

▪ Once completed you can check that the licensing has been completed by navigating back to the “System

Overview” tab of the FAST™ Configuration Console. License Expiry will display “Never (Activated through

License Server)”

▪ Repeat this process “Registering your FAST™ Core or Edge instance with FAST™ LMS” for each Talon

FAST™ instance in your environment.

Note: The configuration of the Talon FAST™ core or edge instances can be automated through either GPO or PowerShell

Desired-State Configuration. Consult your Talon Solutions Engineer or Talon Support to discuss the options.

38

Configuring FAST™ Core instance – Service Account

Once you have identified the right deployment strategy for your organization, provisioned the required VM instances,

and have completed the licensing part (LMS), you need to start the core configuration.

When a Talon FAST™ instance is designated the Core role, FAST™ Edge instances will connect to it to access datacenter

fileserver resources. The services on this instance run as a specific domain user account. This account, also known as the

“Service Account,” must have the following privileges on each of the SMB servers that will be associated with the FAST™

Core instance:

▪ The provisioned Service Account must be a domain user o Depending on the level of restrictions and GPOs in the network environment, this account may require

domain admin privileges. ▪ It must have “Run as a Service” privileges ▪ The password should be set to “Never Expire” ▪ The account option “User must change password at next logon” should be DISABLED (unchecked) ▪ Must be a member of the backend fileserver local “Backup Operators” groups

Note: For backend fileservers that are not Microsoft Windows Server-based:

o Azure NetApp Files —The account must be a member of the Active Directory domain’s “Backup Operators” group.

▪ Any shares that will be exposed through Talon FAST™ must allow the “Everyone” group “Full Control” at the share level, while restricting permissions through NTFS permissions.

To configure the Talon Service Account on your core:

▪ Click the tab “System Overview” and click “Perform” next to the unchecked “Talon Service Account” step listed in the “3. FAST™ Core Configuration Steps” section of the “Initial Configuration” assistant

▪ This opens a new tab, “FAST™ Core” and shows the section “Talon Service User.” Enter the “User Name” and “Password” of the FAST™ Service Account created in Active Directory

▪ Click “Apply” and confirm the configuration of the Service Account

39

Configuring FAST™ Core instance – Backend File Servers

Talon FAST™ core instances extend central file shares from configured datacenter backend file servers. Talon FAST™ can also be configured in multiple ways to present a backend storage platform. For Azure NetApp Files, we will use Generic SMB.

Please follow the steps below to connect file servers to the FAST™ Core instance.

▪ Click the “Backend File Servers” item in the “FAST™ Core” tab of the Talon FAST™ Configuration Console or use the “CIFS Servers Configuration” step listed in the “3. FAST™ Core Configuration Steps” section of the “Initial Configuration” assistant

▪ Select “Generic SMB,” which is used in conjunction with Azure NetApp Files

▪ To add the Azure NetApp Files SMB service, provide the FQDN of the Azure NetApp Files service (as associated with the Active Directory-Integrated DNS zone) in the “Add New Backend” field containing the backend file server to publish throughout all connected FAST™ Edge servers

▪ Click the “Add” button to add the server to the “Configured Backend Servers” list. The changes are applied directly to the FAST™ Core server configuration without displaying a confirmation box

Note: You must allow the “Everyone” user group “Full Control” permissions on the ACL of each share on the backend file server. Note: Using a DFS root or alias as your backend file server is not recommended and can lead to data loss.

40

Configuring the Talon FAST™ Edge Role

Note: The Edge instance must be licensed prior to beginning the configuration.

When a Talon FAST™ instance is designated the Edge role, it will connect to a FAST™ Core to provide users at the branch

office access to datacenter file server resources.

To configure the Edge Instance Role:

▪ Click “Perform” next to the unchecked “FAST™ Core Configuration” step listed in the “2. FAST™ Edge Configuration Steps” section of the “Initial Configuration” assistant

▪ This opens a new tab, “FAST™ Edge,” and shows the section “Core Instances”

▪ Provide the “FAST™ Fabric ID” of the FAST™ Core server. The FAST™ Fabric ID is typically the NetBIOS name or the geographical location of the backend file server

▪ Provide the “FQDN/IP Address” of the FAST™ Core server or cluster o (Optional) Check the “SSL” box to enable SSL support for Internet connections from the Edge to the

Core. o Enter the User Name and Password which are the credentials of the Talon Service account used on the

Core

▪ Click “Add” to confirm the addition of the FAST™ Core appliance. A confirmation box will appear. Click “OK” to dismiss it.

41

10. IMPLEMENTING A GLOBAL NAMESPACE USING DFS-N

Distributed File System (DFS) allows administrators to group shared folders located on different servers by transparently

connecting them to one or more DFS namespaces. A DFS namespace is a virtual view of shared folders in an organization.

Using the DFS tools, an administrator selects which shared folders to present in the namespace, designs the hierarchy in

which those folders appear, and determines the names that the shared folders show in the namespace.

When a user views the namespace, the folders appear to reside on a single, high-capacity hard disk. Users can navigate

the namespace without needing to know the server names or shared folders hosting the data. DFS also provides many

other benefits, including fault tolerance and load-sharing capabilities, making it ideal for all types of organizations.

DFS namespace allows customers to present a “single pane of glass” to their end users, regardless of the location they’re

in. The intelligence of Active Directory Sites and Services and client workstation’s Partition Knowledge Table (PKT) allows

the users to transparently access their centralized data through the “nearest” Talon FAST™ caching instance in their site

and allow for failover to the “native” central target in case of a local branch office outage.

More information on DFS: https://technet.microsoft.com/en-us/library/cc782417(v=ws.10).aspx

DFS Design

The Microsoft Distributed File System (DFS) is a set of client and server services that allow a large enterprise to organize

many distributed Server Message Block (SMB) file shares into a distributed file system. DFS provides location

transparency and redundancy to improve data availability in the event of failure or heavy load by allowing shares in

multiple locations to be logically grouped under one folder or DFS root. This can be configured in a domain-based or

standalone configuration.

i.e. \\corporate.local\root\share\folder

42

Direct share mapping

Clients are given network-path mapped drives, which connect directly to the Edge appliance cache. This is usually done

with a UNC path of the client folder, for example:

i.e. \\<Talon FAST edge>\<FASTData>\<FAST Fabric ID>\<file server>\<share>\<folder>

Configure Windows Server 2012 R2 Domain-Based DFS for Talon FAST™

Objectives:

▪ Provide a unified namespace solution for both Talon FAST™ Cached file/folder structures

▪ Introduce Client-side referral-based failover/failback solution based on Windows PKT info

▪ Exclude ANY other targets from the Windows Client referral list

Site Definitions and Site Links

Each Active directory site/subnet must be defined in Active Directory Sites and Services. In order to document the logical

network topology, which allows efficient replication of Active Directory; all subnets must be included and linked to a

specific site definition.

It is recommended to configure site links based on a star-topology, i.e. Edge1 -> HQ (cost 200), Edge2 -> HQ (cost 500),

but include the physical network topology in the design process of configuring Active Directory sites. If no altered Active

Directory replication traffic is in place, you can keep the site costs the same (200). Site links define the scope of DFS

Management target evaluation.

Step 1: Create Site Links: (if more than two sites)

1. Open Active Directory Sites and Services

2. Expand “Inter-Site Transports”

3. Right click “IP”

4. Select “New Site Link”

5. Type a name describing which sites will use this link (i.e. NewJersey-Boston)

43

6. Select sites from “Sites not in this site link”

7. Click “Add”

8. Click “OK”

Repeat steps 3-8 for each site link

that needs to be created.

Step 2: Configure “Query Policy” and Global Catalog:

1. Double click on a site

2. Double click “Servers”

3. Select available Domain Controller within the site

4. Right click “NTDS Settings” and select “Properties”

5. Set the Query Policy to “Default Query Policy”

6. Check “Global Catalog”

7. Click “OK” to commit the changes

44

Step 3: Bridge Links:

1. Return to the main screen and double click “Inter-Site Transports”

2. Right click “IP” and select “Properties”

3. Confirm “Bridge all site links” is checked

▪ If it is not checked, closest site selection will fail

4. Click “OK” to commit the changes

5. Close “Active Directory Sites and Services”

DFS Root Configuration default

A domain-Based DFS root namespace includes all sites based on Lowest Cost, which can introduce issues in terms of

client failover. In DFS Management you can configure target failover solution based on "Exclude Targets outside of Clients

site" to circumvent that scenario. For each namespace, configure "Allow Client Failback". Please follow the steps below to

complete the DFS configuration.

If you manage the DFS root from a Windows Server 2008 R2 or 2012 R2 server, you can generate the following structure

as follows. In the exhibit below we are using "\\BosVM.Lab\DFSroot" as a namespace, and "Talon Fast" as a target

referral.

1. Install the DFS management snap-in The DFS Management snap-in has been included since Windows Server 2003 R2,and allows extensive configuration of a DFS infrastructure. In order to comply with Talon FAST™ best practices you should use the management snap-in. This is installed while adding the DFS Namespaces role via the Server 2008 R2 or 2012 R2 “Add Roles and Features Wizard” found in the Server Manager console. More information on installing DFS can be found at https://msdn.microsoft.com/en-us/library/cc731089.aspx?f=255&MSPPError=-2147217396#BKMK_UI

45

2. Configure the DFS namespace as follows ▪ Right-click the Namespace “\\BosVM.labl\DFSroot”, and click “Properties” ▪ On the Referrals tab, set the Cache Duration to 1800 seconds ▪ Set the Ordering Method dropdown to “Lowest Cost” ▪ Check the box “Clients fail back to preferred targets” ▪ Click OK to confirm the configuration change

46

3. Configure the DFS referral to exclude any target references

• Right-click the referral "Talon FAST™" and select “Properties”

• For the "Talon FAST™" reference, check the box for "Exclude targets outside of the client's site" and "Clients Failback to preferred targets"

• Set the Cache duration to 1800 seconds

• Click OK to confirm the configuration change

47

4. Open the Target Referrals listed in the "Talon Storage" referral list

▪ Right-click the native backend referral, and click “Properties” ▪ Click the “Advanced” tab and check the "Override referral ordering" box and change the priority to

"Last among all targets" ▪ Click “OK” to confirm the configuration change ▪ For each Talon FAST™ Edge referral, right-click the referral, select “Properties”, enter the “Advanced”

tab, and ensure that the "Override" setting for referral ordering is unchecked. Click “OK” to confirm the configuration change

Repeat steps 3 and 4 for each referral and target referral list in the namespace.

48

Make sure that your target referral list contains the FQDN of the referral path.

With the above settings, Windows XP SP2, Vista, 7, or 8 clients will only receive the local Talon FAST™ Edge and the native

back-end file server referral in its "DFS Tab" or Partition Knowledge Table (PKT).

Final Steps

In order to complete the configuration of a distributed Domain-Based DFS infrastructure, create a replica of the

namespace on each domain controller. By creating a local namespace replica, you will increase file system operations

performance, as the clients will use their local domain controller. Completing the steps below can be done remotely,

from any Windows Server or client, using the DFS Management console:

1. Right-Click the “\\BosVM.lab\DFSroot” namespace

2. Click “Add Namespace Server”

3. Select the Domain Controller which will host a replica of the DFS root

4. Complete the steps in order to create a DFS root replica on each Domain Controller

Important: Windows Server 2008 R2 Standard only allows a single namespace replica. All enterprise versions of Server

2012 R2 and above allow multiple Domain-Based DFS roots.

Conclusion:

By using the FQDN as a UNC path, you will introduce a unified namespace and failover solutions for all users in your

enterprise network. This simplifies the process of managing data structures, collaborating data between users, and

mapping drives on Microsoft Windows clients.

By utilizing a Domain-Based DFS root, using “Exclude Targets outside of Clients site” functionality for the target referral,

in conjunction with the “Client-Side Target Failback” script, you will be guaranteed proper failover/failback operations.

Microsoft Clients will never failover to any unwanted path.

49

11. FINANCIAL INVESTMENT & ROI

In conclusion, Talon’s software enables customers to reduce costs in several areas as well as providing numerous benefits

to the business. We have identified the key immediate return on investment areas based on many years of experience:

Enabling Distributed File Storage and a proven Cloud Strategy with a software-based approach

Talon’s software is designed to transparently extend file shares from Azure NetApp Files/Microsoft Azure public cloud

storage infrastructure. By choosing Talon FAST™, customers make a strategic decision towards consolidation of

distributed file storage into Microsoft Azure. By centralizing all data and creating a unified global namespace,

organizations can now ensure full transparency and optimal performance to the end users within the distributed

enterprise.

Presenting “Centralized Storage” to the Distributed Enterprise with Talon FAST™

Growth in enterprise data and disconnected data management approaches are causing increased cost, risk, and

inefficiency. Typically, more than 80% of the total data sets are considered “archived” and inactive. The Talon FAST™

solution allows for consolidation of data and integrate the Microsoft Azure cloud to reduce data center infrastructure

complexity, maximize data protection, reduce overall storage total cost of ownership (TCO) by 60-80%, and provision

storage more rapidly.

Cost Reduction by separating active from archive data, including cloud storage

By leveraging the Talon FAST™ solution, customers can drastically reduce costs and IT infrastructure complexity by

streamlining existing on-premise file server infrastructure, reducing redundant branch office storage aspects, including

application data into the centralized public cloud platform. FAST™ is designed to align with this strategy by unifying the

approach to present content in a single namespace, including file shares, folder structures, documents, and project files

to end users throughout the distributed environment.

Enabling Global Collaboration to business users

Additional benefits can be found in enabling real-time global collaboration. End users and knowledge workers can

effectively share information on-site and between all distributed locations without the need to wait for Native WAN

access, unresponsive applications, or having to create additional copies of the same data at multiple locations. This

makes the most effective use of users’ time and resources associated with using and managing alternate types of

solutions.

Elimination of extensive Local File Storage and Backup

Talon FAST™ File Acceleration and Storage-Caching Technology™ allows customers to drastically reduce their storage

footprint associated with unstructured data sets on a global and local scale throughout their distributed enterprise. The

FAST™ software’s Intelligent File Caching mechanism utilizes a local cache to store a unique active data set currently in

use by knowledge workers or engineers at a specific branch location. The FAST™ solution guarantees optimal global file

access to all files presented by Azure NetApp Files hosted in the Microsoft Azure datacenter(s). FAST™ allows enterprises

to achieve complete consolidation of storage and infrastructure, including backup management, capacity management,

availability management, and audit/compliance management (GDPR). Through this unique caching and consolidation

solution local storage and backups are eliminated and enterprises can phase out local file servers at their branch

locations.

Customer studies and industry storage models have shown that up to 70% of storage costs can be eliminated by using the

Talon FAST™ consolidation strategy, and the ROI for these enterprises is better than any other available industry solution.