ImmutaVault

Summary

The ImmutaVault feature uses a combination of virtualization technology, data encryption, orchestration services, and an application program interface to electronically sever the network connection from the data, so that the data, once ingested into the data system, cannot be accessed by any third parties either over the network or directly attached to the system itself.

A Vaulted system is a single node, or collection of like nodes, that is not physically connected via a network connection to another system. An air-gapped system is critical for data protection: eliminating network access creates a strong security boundary that can only be breached by direct, physical access. For further details, read ImmutaVault Terminology.

Vault Home Page

The Vault Home Page will present. It can be divided into three parts:

Vault Overview - The Vault Overview displays a quick representation of the Vault’s status at any given time. This display shows the number of Vaults currently in the Staging, Sealed With Contents Verified, and Read-Only Views Opened statuses.
The Vault Banner - The Vault Banner allows for the creation of new Vaults and provides buttons that show different information about the vaults listed below the banner. The buttons are customizable by clicking the Custom button. By default, the navigation buttons show the General and Details options. The banner also allows for the export of a Vault by clicking the Export button, selecting a desired file format and name, then clicking Export. Finally, the Banner allows for the search of any vault by name in the list below.
Vault List - The Vault List shows all of the Vaults on a BrickStor SP at any given time. The List is divided into four columns:
  Actions - Contains the options to Generate Manifest, Finish Staging/Seal, Configure, and Destroy a Vault.
  Vault - Displays the name of any existing Vault.
  Owners - Displays the name of the creator of any Vault.
  Status - Displays the current status of any Vault.

Creating a Vault

Beginning on the Vault Home Page, the steps to create a Vault are as follows:

Click Create Vault in the banner section of the Vault Home Page. The Create Vault Page will present. This page allows for the customization of a Vault that is to be created.
Select the desired Path for the Vault by clicking the Downward Arrow located beneath the New Path Header.
Enter the desired name of the Vault by clicking the empty field to the right of the path selection and typing the name.
Select the desired Storage Profile by clicking the Downward Arrow located beneath the Storage Profile Header. If the creator of the Vault intends to use the Storage Profile settings from another dataset, click the Checkbox to the right of the Storage Profile selection.
Optionally, enter a description for the Vault by clicking the empty field beneath the Description header and typing the desired content.
Under the Options section, select any arrangement of configurations for the vault.
Once finished, click Next at the bottom of the Create Vault Page. The Vault page will present.

Vault Page

This page provides an overview of the Vault that is being created.

Under the Owners section, the default owner will be listed. To see details of their ownership, click the owner name. The owner name, SID, and option to view in advanced detail will present. To view more details, click to view in a New Page. To exit the owner details screen, click the X at the top-right of the sidebar.
To add an owner, click the Add Owner button. An existing owner can be found by searching for the owner name and added by clicking Add Owner.
To designate a holding period for the Vault, enter a holding date following M/d/y h:mm AM format under the Retain Until Section.
To designate an Auto-Destroy date for the Vault, enter a destroy date following M/d/y h:mm AM format under the Auto-Destroy Section.
Once the Auto-Destroy date is passed, the Vault will be destroyed, and the data within will no longer be accessible.
Once the desired settings have been configured, click Next at the bottom of the page.

Vault Permissions

The Permissions section will present.

To add permissions to a Vault, click the Add button and search for permissions within the provided search bar. Once located, click the Select button to add the located permissions.
To Recursively Apply the selected permissions to any previously created vaults, click the Slider beside Recursively Apply.
Permission configuration on a by-user basis is completed by clicking the button that defaults to Full Control and selecting from the provided options. Any arrangement of the available permissions may be selected. Once selected, click the Add button.
Any added owner can be set below by clicking the Set button and searching for the desired owner. Once finished, click the Select button.
Once finished, click the Next button at the bottom of the page.

Vault SMB

The SMB Screen will present.

Here, SMB can be enabled or disabled on the Vault by toggling the Slider at the top-right of the page.
The Share name will default to the Vault name, but is editable by clicking the open field where the default name is present and typing the desired name.
Optionally, enter a description for the Vault by clicking the empty field beneath the Description header and typing the desired content.
Access based enumeration (ABE), Hide Previous Versions, and Host based access control can each be enabled or disabled by clicking the Sliders.
SMB Encryption is a feature that provides end-to-end privacy and integrity assurance between the file server and the client. It can be disabled or enabled on the share level by setting the Encryption property to Supported, Required or Disabled. These selections have the following effects:
  Disabled → Encryption is disabled.
  Supported → Encryption is enabled but not enforced. The SMB client will negotiate whether to use encryption or not.
  Required → SMB 3+ feature. Encryption is enabled and required in order to establish the connection.
If advanced options are desired, enter any desired sharemgr commands in the empty field located beside the Advanced section.
Once finished, click the Next button at the bottom of the page.

Vault NFS

The NFS section will present.

Read-Only Hosts, Read/Write Hosts, Root Hosts, and Deny Host can be added by searching for the host name via the empty fields beside each respective section.
The security mode (defaulted to sys) can be configured by clicking the downward arrow and selecting one of the displayed options.
Hide descendant datasets and Data security labels can each be enabled or disabled by clicking the provided Sliders.
If advanced options are desired, enter any desired commands in the empty field located beside the Advanced section.
Once finished, click the Next button at the bottom of the page.

Vault Settings

The Vault Settings screen will present.

The storage profile location can be selected by clicking the defaulted location name.
To add a description, click the empty field to the right of the Description header.
Data Quota, Data Reservation, Quota, and Reservation data limits may be set to a configurable memory unit. Enter the desired numerical value by clicking the open field to the right of the respective headers. Select the desired memory unit by clicking the downward arrow next to the defaulted memory value and selecting the desired memory value.
To view the advanced list of settings, toggle the slider at the top-right of the page.

The following is a list of configurable advanced settings:

ACL Implicit - Controls whether the owner of an object has implicit owner rights.
ACL Inherit - Controls how ACL entries are inherited when files and directories are created.
ACL Mode - Controls how an ACL is modified during chmod.
Cache Policy (Level 1) - Ultra-low latency, high bandwidth cache.
Cache Policy (Level 2) - Very-low latency, aged-data high bandwidth cache.
Compression - Select which compression algorithm to run on the dataset.
Copies in addition to RAID - Select the (max 2) number of vault copies.
Deduplication - Select the value and granularity of Deduplication checks within the Vault.
Filename Case Sensitivity - Manage the Vault’s sensitivity to upper/lowercase lettering.
Filename Comparison - Select from a basic comparison level, or from a variety of Unicode form levels.
Filename UTF-8 Only - Toggle adherence to UTF-8 Filename formatting.
Flush Data to Stable Storage - Defaults to Synchronous (POSIX Standard), but may be changed to All or Periodic. When configuring Data Flush, the choice of All will heavily impact system performance. Periodic will yield quick performance, but puts the data at the highest available risk.
Indexing - Toggle the Indexing utility.
Integrity Checksum Algorithm - Configure the Integrity checking on user data.
Log Bias - Defaulted to Latency, can be changed to Throughput if streaming large files.
Metadata Redundancy - Configure the amount of metadata redundancy in addition to RAID.
Mount - Configure whether or not to allow the Vault to be mounted, or only allow mounting of the Vault via explicit action.
Non-Blocking Mandatory Locks - NBMAND lock coordination across SMB, NFS and local processes.
Read Only - Configure the Vault to be editable or read-only.
Record Size - Determine the desired Record size at the byte level.
Smart Folders - Automatically create a sub-dataset when a client creates a top-level directory.
Update Access Time on Read - Changes the date last accessed when a user reads the Vault.

Any or all of the Advanced settings may be configured in any combination to achieve the desired Vault settings. Once finished, click the Next button at the bottom of the page.

Vault Active Defense

The Active Defense screen will present.

The option to toggle Active Defense on/off is present at the top-right of the Active Defense section. If Active Defense is toggled off, the remaining section options will hide; click the Next button to continue.
The option to Temporarily Suspend Blocks, or to try active defense detection without blocking users/hosts, is configurable on/off by clicking the Slider beside the header.
The option to Temporarily Suspend Collection is configurable on/off by clicking the Slider beside the header.
The option to enable/disable the Excessive File Access protocol is present at the top-right of the Excessive File Access section.
The Excessive File Access Section allows for the configuration of a file range that notifies administrators after a set amount of file Reads, Writes, and Deletes. The option to configure the blocking of these abilities after a numerical limit is reached is also present, along with the ability to disable the notification limits at each level.
To configure the Excessive File Access values, click to select the desired empty field and enter the desired numerical value to set the limit of files before/after notification and blocking of File Access.
To remove a specific notify or block parameter, click the X beside the parameter that is to be disabled.
Once finished, click the Next button at the bottom of the page.

Vault Auto Snapshots

The Vault Auto Snapshots screen will present.

The option to select between a storage profile or custom Auto Snapshot policy is present. To configure this selection, click to highlight the button beside the desired Auto Snapshot policy.
If a custom Auto Snapshot policy is selected, the Auto Snapshot Creation section will change from listed values to configurable values (shown with Alternate retention set to On).
Auto Snapshot configuration is completed by first selecting the interval at which Snapshots will be taken on the system.
The default value is every four hours, but may be changed by clicking the default field and entering a desired numerical value, as well as a time signature (ex: 6h, 1d, 30s).
The Snapshot Retention value sets the number of saved Snapshots on a Vault at any given time. This value operates on a rolling basis: when the maximum value is reached, the oldest Snapshot is deleted to make room for a newer Snapshot. (The option to prevent the rolling nature of Snapshots is configurable via the Slider at the bottom of the Auto Snapshot Creation section.) To configure this, click the (default 30) value, and enter the desired number of Snapshots to hold at a given time.
Additionally, the option to retain Snapshots on a per-day/week/month/year basis is configurable by clicking the field to the right of the desired retention time and entering the desired numerical retention value.
Optionally, selecting Alternate retention for replicas will present the Replica Retention section of the Snapshot settings. This allows for similar configuration as discussed above, allowing selection of retention amount by a numerical amount as well as Replica retention on a per-day/week/month/year basis.
Once finished, click the Next button at the bottom of the page.

Vault Confirmation

The Vault Confirmation screen will present. Here, an overview of the vault that is being created will be shown. If the settings contained in the Vault Overview appear correct, click the Create Vault button at the bottom right of the screen to create the Vault with the configured parameters.

The Vault Details Page

Once a Vault is created, or when clicking a Vault’s name from the Vault Home Page, a Vault Details page will present.

The Vault Details Page begins with a General overview of the Vault status. It will denote the current status of SMB and NFS on the Vault, and show the location/current storage amount on the Vault.
Further, the Vault Details Page will show, by section, the Vault’s configuration settings selected when Creating a Vault. Most importantly, the Vault Details Page shows the current status of the Vault in its Manifest/Staging/Sealing Process.

Staging, Manifesting, and Sealing a Vault

Vaults, when created, default to the Staging phase. In this phase, the Vault’s settings and ownership are configurable via The Vault Details Page. To begin the Manifest Generation, Staging and Sealing of a Vault, begin at the Vault Section of The Vault Details Page.

Vault Manifest

The Vault Manifest functions as a thorough documentation of the present Vault data and its configuration parameters. It serves as an authenticated catalogue of all vault contents by recording file details and their respective hashes. The Manifest undergoes hashing and subsequent signing, establishing a fully verifiable chain of trust and ensuring the integrity of the vault files. Consequently, these files can be extracted from the vault and stored elsewhere, offering a permanent, standalone record of the vault’s contents, independent of the vault system.

The Manifest records a list of all files within the vault and their checksums. The system generates a Manifest automatically during the sealing process. Creating a Manifest independent of sealing allows for content validation before initiating the sealing process.

Accessing Manifest File(s)

Sharing Options: Manifest file(s) are accessible for download by sharing the Vault via SMB/NFS.

Manifest output consists of the following:

.rtvault_manifest.txt - Vault manifest.
.rtvault_manifest.sha256 - Checksum of the .rtvault_manifest.txt file.
.rtvault_manifest.sig - Vault signature.

Manual Manifest Generation

To begin the Manifest Generation, click the Generate Manifest button in the Vault Section of The Vault Details Page. Clicking the Generate Manifest button in either the Vault Road Map or Actions section will yield the same result.
After confirming that the Vault name is correct and that Manifest Generation is desired, click the Generate button.
A confirmation of the completed Manifest Generation will appear, as well as a listing of metadata regarding the Vault and what was manifested on it.
It is recommended to copy and save the Manifest Hash of the Vault. To copy the Hash to the system clipboard, click the File button to the right of the listed Manifest Hash.
Once reviewed, click the OK button.
To reopen and check the Vault contents at any time, click the Verify Contents button in the Actions section. This will present the same screen that is reached after Generating a Manifest.
The option to Regenerate the Manifest is available at any time before sealing the Vault by clicking the Regenerate Manifest button and following the above steps again.

Accessing Manifest

Manifest information may be accessed at any time by beginning at the Vault Home Page and clicking the Vault Name in the Vault List. The following overview is present:

Manifest Signed - Shows the date of the Manifest’s last signing.
Manifest Hash - Displays the Hash string for the Manifest; this can be copied to the system clipboard by clicking the Copy icon immediately to the right of the Hash.
Manifest Name - Displays the named .txt file of the Manifest.
Task Initiator - Displays the Username of the user who initiated the Manifest Generation. Details of the user can be displayed by clicking the displayed Username.
Task Started - Displays the date/time of the Manifest Generation’s initiation.
Task Completed - Displays the date/time of the Manifest Generation’s completion.

Verifying Manifest Contents

Clicking the Verify Contents button will begin verification of Manifest contents against the Vault. A window to confirm verification will present; click the Verify button. An overview of the verification will present, as well as a time stamp denoting the most recent Manifest verification.
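
Because the manifest files can be downloaded and kept as a standalone record, they can also be re-checked offline against a copy of the data. The following is an added example, not RackTop code: it recomputes the SHA-256 of .rtvault_manifest.txt, compares it with .rtvault_manifest.sha256 and with the Manifest Hash saved from the UI, then re-hashes every listed file. The line layout of both files (`<sha256 hex> <relative path>`), the premise that the UI hash is the SHA-256 of the manifest file, and all function names are assumptions; .rtvault_manifest.sig is not checked because the page does not describe the signing scheme.

```python
import hashlib
import tempfile
from pathlib import Path

MANIFEST = ".rtvault_manifest.txt"      # file names as listed on this page
CHECKSUM = ".rtvault_manifest.sha256"
HEX = set("0123456789abcdef")

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def check_manifest_hash(manifest_dir, recorded_hash):
    """Recompute the manifest digest; compare with the .sha256 file and the saved hash."""
    d = Path(manifest_dir)
    actual = sha256_file(d / MANIFEST)
    # ASSUMPTION: the first whitespace-delimited token of the .sha256 file is the hex digest.
    tokens = (d / CHECKSUM).read_text().split()
    stored = tokens[0].lower() if tokens else ""
    return {"checksum_file": actual == stored,
            "recorded_hash": actual == recorded_hash.strip().lower()}

def verify_entries(manifest_dir, data_root):
    """Re-hash every file the manifest lists and report anything that differs."""
    # ASSUMPTION: each manifest line is "<sha256 hex> <path relative to the vault root>".
    root = Path(data_root).resolve()
    report = {"ok": [], "mismatch": [], "missing": [], "rejected": [], "unlisted": []}
    listed = set()
    for line in (Path(manifest_dir) / MANIFEST).read_text().splitlines():
        parts = line.split(None, 1)
        if not parts:
            continue
        digest = parts[0].lower()
        rel = parts[1].strip() if len(parts) == 2 else ""
        target = (root / rel).resolve()
        # Reject malformed digests and paths that resolve outside the copied data.
        if len(digest) != 64 or not set(digest) <= HEX or root not in target.parents:
            report["rejected"].append(line)
            continue
        listed.add(target)
        if not target.is_file():
            report["missing"].append(rel)
        elif sha256_file(target) == digest:
            report["ok"].append(rel)
        else:
            report["mismatch"].append(rel)
    for p in root.rglob("*"):               # files on disk that the manifest never recorded
        if p.is_file() and not p.name.startswith(".rtvault_manifest") and p.resolve() not in listed:
            report["unlisted"].append(p.relative_to(root).as_posix())
    return report

def build_sample(root):
    """Constructed sample data: two files plus a manifest and checksum in the assumed layout."""
    root = Path(root)
    (root / "logs").mkdir()
    (root / "logs" / "audit.log").write_bytes(b"constructed audit record\n")
    (root / "report.pdf").write_bytes(b"constructed report bytes\n")
    lines = [f"{sha256_file(root / r)}  {r}" for r in ("logs/audit.log", "report.pdf")]
    (root / MANIFEST).write_text("\n".join(lines) + "\n")
    digest = sha256_file(root / MANIFEST)
    (root / CHECKSUM).write_text(f"{digest}  {MANIFEST}\n")
    return digest                           # stands in for the Manifest Hash copied from the UI

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        saved = build_sample(tmp)
        print(check_manifest_hash(tmp, saved), verify_entries(tmp, tmp))
```

Comparing against the hash saved at generation time matters because the .sha256 file travels with the manifest and would be replaced along with it; the separately stored value would not.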

Finish Staging/Seal Vault

Begin the Vault sealing process by clicking the Finish Staging/Seal Vault button in The Vault Details Page.

Sealing a Vault is an irreversible process. Once data is sealed in a Vault, it may no longer be changed. All Snapshots will be destroyed when the Vault is sealed. The dataset will be unshared and moved out of production when sealed.

Once ready, click the empty text field and type Seal to confirm the sealing process.
Click the Finish Staging/Seal Vault button.
The vault has now been sealed.

Managing a Sealed Vault

Once a Vault has been sealed, there are a few new options present to manage the vault. After successfully sealing a vault, or when clicking on an already sealed vault from the Vault Home Page, the sealed Vault details will present.

Here, the choice can be made to create a Read-Only View of the Vault. To do so, begin by clicking the Create View button on the Vault Road Map.
To enable NFS or SMB on the View, click their respective Sliders.
Here, the share name, allowed users, connectivity by configurable IP, and auto-close timing (defaulted to never auto-close) can be changed.
Once the desired settings are configured, click the Create Read-Only View button.
The read-only view will be created and shown on the sealed Vault details page.
To view the read-only Vault dataset, click the Open Dataset button. The Sealed Vault settings will now display, showing the Vault’s configuration.
To close the read-only view of the sealed Vault, click the Close View button.

At the bottom of the screen, a list of buttons that allow further management of the sealed Vault is present:

Verify Contents - To verify Vault contents, click the Verify Contents button, click Verify, then click OK.
Create View - Follows the same operative use-case as explained above.
Export Vault - Allows for Vault content export to a new dataset. To export the Vault, click the Export Vault button. Configure the exported dataset name, then click Export.
A prompt denoting success will present.
Configure - Allows for administrative configuration of the sealed Vault. To configure the sealed Vault, click the Configure button. The options to change the Vault name and ownership are available, as well as the option to set Retain Until/Auto-Destroy dates. Once configured, click the Apply button.
Destroy Vault - Completely destroy the Vault and all of its data. To destroy the sealed Vault, click the Destroy Vault button. Destroying a vault is an irreversible action. The dataset and all snapshots will be irrecoverably destroyed. Once ready, click the empty text field and type destroy VAULT NAME. Finally, click the Destroy Dataset button.

ImmutaVault Terminology

Active Airgap

Through RackTop’s patent-pending technology, your data will be protected to the same level as a physical air-gap without the need for disconnecting network cables or separate systems.

Privileged User Protection

ImmutaVaults are protected from admin or operator abuse (insider threat, misuse of privilege to view data) and accidental destruction through a patent-pending isolation system which ensures that vaulted data is only accessible to its owners.

Data Attestation

Data stored in ImmutaVault can be cryptographically verified to ensure the chain of custody from the time of ingest into the vault to any point in the future.

Chain of Custody

ImmutaVaults exclusively accept data from identified data owners, including users, applications, or source machines. This data ingestion process is thoroughly audited and verified, ensuring the establishment of a chain of custody proof essential for the highest security and most critical data environments.

Common Protocols

ImmutaVaults in the staging phase, prior to sealing, can ingest data from any source that can mount an NFS or SMB file share.
Another unique benefit of RackTop’s ImmutaVault is that data being used in production can be instantly converted into a vault without the need to copy it to a new system, which saves on time, money, and additional storage costs.

One Way & Permanent

ImmutaVaults are permanently protected with no mechanism to modify, add, or revert once sealed, validated, and cryptographically signed. This true immutability protects from outsiders, insiders and advanced system (OS) oriented attacks.

Policy Driven

Each ImmutaVault implements its own policy, which dictates the data owner (who can view and share vaulted data) as well as the retention and protection settings required to meet any type of regulatory or security compliance requirement.