Limiting share access by SmartConnect Zones

Just getting started with the Isilon and I'm trying to find out if it's possible to define which shares (or IFS sub-directory) can be accessed by a specific SmartConnect zone without relying on access based enumeration.

The intent is to easily configure to only see shares 1, 2 and 3, while can see shares 4, and 5.


0 Kudos
2 Replies
4 Tellurium

Re: Limiting share access by SmartConnect Zones

Yes, at least for SMB shares you can use multiple "Access zones" (new in OneFS 7.0), where each access zone ties together  only selected shares, SmartZonnect zones/pools  and authentication providers.

-- Peter

Re: Limiting share access by SmartConnect Zones

You need to look into Access Zones.  By default Isilon has one Access Zone called "System".  You can create a new access zone,  associated it with a SmartConnect subnet.  Once you do that then that new access zone has an "visible shares" options where you can select which SMB shares the Access Zone can see.

NFS still must use the System access zone.

I'd also mention the default "System" access zone is uses with the default subnet (subnet0:pool0). Do not remove "System" for subnet0:pool0 until you have assigned another subnet to System,  or you will lose SSH and WebUI access.

0 Kudos