CONFIGURATION GUIDELINES: EMC STORAGE FOR PHYSICAL SECURITY

(1)

White Paper

EMC Solutions

Abstract

This white paper provides guidelines for configuration and bandwidth assessments based on EMC test results. The bandwidth numbers can vary based on many factors including network configuration and utilization, disk utilization, computer type, and other factors.

October 2012

CONFIGURATION GUIDELINES:

EMC STORAGE FOR PHYSICAL SECURITY

DVTel Latitude NVMS, EMC Isilon



DVTel Latitude NVMS performance using EMC Isilon storage arrays

(2)

Configuration Guidelines: EMC Storage for Physical Security

DVTel Latitude NVMS, EMC Isilon 2

EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose.

Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.

For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com.

(3)

Executive summary

Storage is a major component of a physical security installation. To understand how to design and deploy a DVTel Latitude Network Video Management System (NVMS) physical security solution, you must evaluate video retention times, frame rates, common intermediate format (CIF) values, and other video quality parameters. This is to determine the aggregate bytes that are required to be written to storage each second and to determine the amount of storage required.

When you define the aggregate storage bandwidth, along with the total storage requirement, you can use this technical note to determine which storage array best meets customers’ requirements.

DVTel has been qualified in the EMC®_{Physical Security lab with network-attached}

storage (NAS) EMC Isilon® _{108NL arrays. Bandwidth limitations are application based,}

therefore any Isilon array from the 108NL and greater (X200, S200, NL400, and so on) perform equally well. This technical note provides guidelines for EMC Isilon product lines only.

EMC storage for physical security solutions provides optimal solutions for

surveillance management and IT infrastructure. EMC solutions provide a flexible and highly scalable infrastructure that can meet a broad range of today’s demanding physical security requirements. By leveraging the surveillance management software from DVTel and IT infrastructure components from EMC, customers are assured that they will receive a high yield return on their investment.

In addition, EMC storage technology enables customers to backup their primary servers nondisruptively, while the system remains online and available to users. As customers’ requirements change and become more sophisticated, the flexible, modular architecture of this EMC physical security solution enables you to enhance the EMC storage technology to meet customer needs.

Results for other EMC arrays, including EMC VNX®_{arrays based on Fibre Channel (FC)}

and iSCSI, will be provided in the next release of this technical note.

This technical note provides guidelines for configuration and bandwidth assessments based on EMC test results. The bandwidth numbers can vary based on many factors including network configuration and utilization, disk utilization, computer type, and so on.

The test results include the:

 Recommended cache configuration  Bandwidth for each share

 DVTel maximum bandwidths per Isilon node  Disk drive types and storage protection levels

Business case

Business environment

(6)

Introduction

This technical note provides you with the information you need to:  Size EMC storage arrays for required bandwidths

 Determine the number of DVTel Latitude Archivers that are required based on aggregate bandwidth

 Determine Isilon node-to-Archiver ratio The scope of this technical note is to:

 Present bandwidth information for DVTel Latitude 6.2, when attached to EMC Isilon storage systems

 Describe several EMC Isilon storage array configurations  Summarize test results carried out by EMC

 Provide configuration guidelines for the DVTel Latitude NVMS 6.2 appliance The intended audience for the technical note is EMC personnel.

Using this technical note, EMC personnel can determine the best configuration for:  The number of Latitude Archivers required

 An Isilon implementation—the desired mix of nodes and Archivers based on the expected bandwidth

 Storage protocols (such as NAS)

 The load factors related to designing EMC Isilon storage array into the customer’s solution

Purpose

Scope

(7)

Common intermediate format (CIF)

Table 1 details the video pixel density standard used in video conferencing and physical security. As described in the table, the 4CIF format is four times the pixel density of CIF.

Table 1. CIF resolution

CIF format Resolution (pixels) PAL NTSC CIF 352 x 288 352 x 240 2CIF (CIF x 2) 704 x 288 704 x 240 4CIF (CIF x 4) 704 x 576 704 x 480

QCIF (Quarter CIF) 176 x 144 176 x 120

480i/p 704 x 480 704 x 480

720i/p 1280 x 720 1280 x 720

1080i/p 1920 x 1080 1920 x 1080

There are two color TV standards—Phase Alternating Line (PAL) and National Television Standards Committee (NTSC).

Note: CIF definitions were originally created in Europe, where the PAL color TV standard is

used. The CIF definition was later expanded to include the NTSC definition. We performed all the testing covered in this technical note using video with 4CIF pixel density.

Block-level storage system

A block-level storage system writes and reads blocks of data using logical block addresses (LBAs), which are translated into disk-sector addresses on the drives. SAN storage environments use block-level storage to provide a higher level of

performance compared with file-level storage.

File-level storage system

A file-level storage system adds a level of abstraction above the block-level access. In this case, the host’s data is sent as file system extents, which must be mapped to logical disk blocks before they are stored on the hard drives. NAS refers to file-level storage.

(8)

Technology overview

EMC storage arrays are ideal for storing video and audio data. This technical note provides information about the:

 EMC Isilon array

 SMB2 (CIFS) network protocol

Microsoft Windows minimum system requirements for DVTel Latitude Archiver are as follows:

 Microsoft Windows 2008 64-bit  Four-core 2 GHz processors or greater

 Intel 31xx, 33xx, 52xx, 74xx, or AMD 13xx, 23xx, 84xx series processors, or later

 8 GB of memory for each VMware guest running a Latitude server

DVTel Latitude is a network-based video monitoring and recording system, composed of servers and clients, as well as encoders and decoders, connected over a network. Usually, the system resides on a dedicated, rather than a corporate network. DVTel recommends that you always consult a network administrator before installing Latitude. A DVTel Latitude installation can consist of a single server or multiple servers in a hierarchical structure. You can further distribute the DVTel Latitude Windows services that provide the primary server functionality to additional Windows servers.

You can configure Latitude installations to handle a few cameras to thousands of cameras.

The primary Latitude services are:  Gateway

 Directory

 Event Distributor (EDB)  Archiver

The Gateway, EDB, and Directory services may be installed on the same Windows Server 2008 32-bit or 64-bit system. In our tests, we installed these services on a single virtualized host running Windows Server 2008 32-bit.

As a best practice, we installed all the DVTel Latitude Archivers on physical computers, with Windows 2008 R2 64-bit installed.

(9)

Maximum bandwidth

The tests in this technical note are based on the bandwidth that DVTel Latitude can write to an EMC Isilon Storage array.

Table 2 shows the bandwidth summary for the Isilon array tested. Tests presented are based on a more than 90 percent write rate and with an active (forced) failure on the array. The total bandwidth is with a full complement of drives.

Table 2. Maximum array bandwidth

Array Fibre Channel

bandwidth

iSCSI bandwidth

CIFS bandwidth

Isilon 108NL N/A N/A 30 MB/s (per node—single Archiver)

Although Isilon supports a minimum cluster size of three nodes, EMC recommends a minimum Isilon cluster of five nodes for video storage. Space calculations must include a minimum of one extra node plus 15 percent to accommodate a node failure or removal. Because the bandwidth scaling is in direct proportion to the number of nodes in the cluster, the array/cluster maximum bandwidth is determined based on the number of nodes.

(10)

Isilon 108NL configuration

The OneFS®_{file system is a distributed network file system}1_{designed by EMC Isilon}

Systems for use in its Isilon storage appliances.

Isilon OneFS does not rely on hardware-based RAID for data protection.

Based on the Reed Solomon algorithm for N+M protection, the Isilon system uses parity protection. In the N+M data protection model, N represents the number of nodes, and M represents the number of simultaneous failures of nodes or drives, or a combination of nodes and drives that the cluster can withstand without incurring data loss. N must be larger than M. OneFS supports N+1, N+2:1, N+2, N+3:1, N+3, and N+4 data protection schemes, and up to 8x mirroring.

 Protection is applied at the file-level, enabling the cluster to recover data quickly and efficiently. Nodes, folders, and other metadata are protected at the same or higher level as the data blocks they reference.

 Because all data, metadata, and forward error correction (FEC) blocks are striped across multiple nodes, there is no requirement for dedicated parity drives.

Set all jobs to an Impact Policy of Low. This reduces the number of workers the cluster will enable for each job to run in parallel. In addition, background jobs consume less CPU. This improves performance in the unlikely event of a node failure or other recovery activities, such as disk rebuilds. Recovery processes will take longer at an impact of Low. If recovery time duration is a concern, the protection level could be increased to +3:1 or greater.

Perform the following checks and steps on the Isilon OneFS configuration:

1. OneFS v6.5.4.4 B_6_5_4_76 (release tested).

2. SmartQuotas is licensed and configured.

3. SmartConnect Advanced is licensed and configured (optional but recommended).

4. Create a folder per Archiver.

5. From the domain administrator credentials, configure “Write” permissions for each DVTel video storage folder as shown in Figure 1.

1_{Distributed network file system: In computing, a distributed file system or network file}

system is any file system that enables access to files from multiple hosts sharing via a computer network. This makes it possible for multiple users on multiple computers to share files and storage resources.

(11)

Figure 1. Permissions

Note: Once you create the folder, use the “add share” function for that folder.

SmartQuotas

SmartQuotas is an add-on product that must be purchased and configured when more than one Archiver is writing to an Isilon cluster. Smart Quotas defines the storage limitation policies required for video storage, which eliminates issues caused by multiple Archivers independently managing video storage.

To configure Smart Quotas:

1. Set the hard threshold to the Archiver video file share limit.

2. Define OneFS to display the available space as the size of the hard threshold.

3. Set the usage calculation method to display the user data only.

Impact Policy configuration

The Impact Policy defines the number of parallel tasks or workers enabled to run at one time within OneFS. Set all background jobs with the Impact Policy set to Low for best performance. This setting is located in Operations > Jobs and Impact Policies.

 Configure all jobs with an Impact Policy set to Low.  Do not change the priority of any job.

OneFS worker settings

To achieve the required bandwidth during disk rebuilds, node recovery, node remove, or when other high priority background jobs are running, you must modify the

performance characteristics of the Low Impact Policy.

Note To avoid undesirable results, use extreme care when modifying Impact Policy execution parameters.

Make the following OneFS modifications to allow DVTel’s NVMS to achieve its maximum performance:

 Set the Impact Policy for all jobs to Low.

(12)

 impact.profiles.low.local_backoff_load_factor=0.5  impact.profiles.low.max_workers_per_core=2  impact.profiles.low.max_per_storage_unit=0.5  impact.profiles.low.min_per_storage_unit=0.1  impact.profiles.low.workers_per_core=0.1

Modifying the workers extends the duration for most Isilon Cluster maintenance activities.

I/O optimization configuration

Set the default I/O Optimization setting to Streaming. This setting is located in

SmartPools > Settings > Default File Pool Policy Settings.

Note: A SmartPool license is not required for this setting to be active.

Table 3 shows the SMB2 (CIFS) bandwidth tested for Isilon storage arrays.

Table 3. Node/5-Node Cluster bandwidth: Isilon 108NL –CIFS

Array Archivers per node Total bandwidth (MB/s) Bandwidth per node (MB/s) Bandwidth per host (MB/s) Protection level No. of nodes in cluster No. of nodes written to Disk type Disk size Disk RPM 108NL 1 90 30 30 +2:1 5 3 SATA 3 TB 7,200 108NL 1 150 30 30 +2:1 5 5 SATA 3 TB 7,200

Adding a node to the cluster can cause a bandwidth reduction of short duration. In the EMC lab, the reduced bandwidth lasted for less than 10 minutes. Add nodes during off peak time as a scheduled change.

Removing an Isilon node from a cluster is a user-initiated activity that results in an extended period of reduced bandwidth.

Note: In a scheduled change, expect reduced bandwidth for many hours when performing

the removal of a node.

Table 4 details the reduced bandwidth expected, when a node is permanently removed, while maintaining a 20 percent read rate during the process.

Using the Isilon configuration recommended in this technical note results is a node removal duration that you can calculate with the following formula:

Days = SpaceUtilization%/3.4

The factor of 3.4 was determined based on multiple tests at varying Isilon cluster utilizations.

Bandwidth on CIFS testing

Node addition

(13)

Table 4. Node addition/removal - reduced bandwidth Array Archivers per node 2_Duration factor Bandwidth per node (MB/s) Bandwidth per host (MB/s) Protection No. of nodes in cluster No. of nodes written to Disk type Disk size Disk RPM 108NL 1 3.4% 27 27 +2:1 5 3 SATA 3 TB 7,200 File systems

The following best practices are based on a five-node minimum cluster size:

 Use the default data protection level of +2:1 as the minimum data protection. We used a +2:1 protection level while performing the tests described in this technical note.

 To enable for recovery of a node failure or a manual node removal, the

minimum free space must be equivalent to one complete node plus 20 percent per node.

Note: You can use cluster sizes down to a three-node cluster, although this is not

recommended.

Data protection

When using file systems for Isilon storage arrays, the following best practices apply:  You must enable Smart Quota with a quota defined for each share.

 EMC recommends a five-node minimum cluster size for file systems, even if not writing video directly to all nodes. For example, if implementing a four-Archiver solution, implement a five-node cluster. This also meets the best practices for data protection guidelines.

(14)

Network protocols

EMC Isilon supports NAS protocols such as network file system (NFS) and SMB (CIFS). The DVTel solution utilizes SMB connections to the NAS device. Isilon provides an excellent Tier-1 platform for DVTel Latitude.

(15)

Environment profile

Table 5 lists the environment profile parameters for this solution.

Table 5. Environment profile parameters

Parameter Value

DVTel Latitude application software  Latitude 6.2

 Installed on Microsoft Windows Server 2008 32-bit and 64-bit

 Latitude Archiver requires Microsoft Windows Server 2008 64-bit

Network protocols  DAS

 NAS

 CIFS

(16)

Hardware and software resources

Table 6 lists the hardware resources used in the validated solution testing.

Table 6. Hardware resources

Equipment Configuration

Isilon 108NL +2:1

Table 7 lists the software resources used in the validated solution testing.

Table 7. Software resources

Software Version Configuration

Microsoft Windows Server 2008 32-bit

SP2 Operating system for Latitude Directory, Gateway, and EDB servers

Microsoft Windows Server 2008 64-bit

R2 SP1 Operating system for Latitude Archiver Latitude ControlCenter;

Latitude AdminCenter Latitude 6.2 At a minimum, install one of each application

Hardware resources

(17)

Conclusion

DVTel Latitude NVMS is a fully scalable, enterprise-class media management system that, when combined with the scalability and ease of use associated with the EMC Isilon storage arrays, provides customers with an exceptional operating environment. As tested, the Isilon 108NL 5-node cluster could accommodate 30 MB/s (240 Mb/s) per 108NL node from a DVTel Latitude Archiver. Using the setup and configuration as presented in this technical note, the per-Isilon 108NL node bandwidth will remain consistent even during various failure scenarios.

Table 8 summarizes the key points that this solution addresses.

Table 8. Key findings of this solution

Key point Solution objective

Private businesses and public entities have responded to the rising concerns about theft, fraud, and terrorism by sharpening their focus on physical security and surveillance systems.

EMC offers physical security solutions that unite disparate legacy systems and state-of-the-art infrastructure, and enable organizations to manage their growing volume of physical security information.

Physical security solutions require data storage that meets the individual needs of each installation.

EMC provides numerous storage arrays to meet the capacity, bandwidth, and cost requirements for all customers.

Organizations are moving away from backroom security operations into IT-managed systems providing backup, recovery, and system support.

Moving physical security solutions into the data center provides structured approaches to data integrity, system security, and operational efficiencies. EMC provides industry-leading data-protection methods, industry-leading system security with RSA®_{, and operational efficiencies.}

Summary

(18)

References

For more information, see the following product documents:  Isilon IQ Network Configuration Guide

 Isilon OneFS Configuration Guide

Product