CONFIGURATION GUIDELINES: EMC STORAGE FOR PHYSICAL SECURITY

White Paper CONFIGURATION GUIDELINES: EMC STORAGE FOR PHYSICAL SECURITY DVTel Latitude NVMS performance using EMC Isilon storage arrays Correct sizing for storage in a DVTel Latitude physical security environment EMC Solutions Abstract This white paper provides guidelines for configuration and bandwidth assessments based on EMC test results. The bandwidth numbers can vary based on many factors including network configuration and utilization, disk utilization, computer type, and other factors. October 2012

Copyright 2012 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com. All trademarks used herein are the property of their respective owners. Part Number H10563.2 2

Contents Executive summary... 5 Business case... 5 Business environment... 5 Key results... 5 Introduction... 6 Purpose... 6 Scope... 6 Audience... 6 Terminology... 7 Common intermediate format (CIF)... 7 Block-level storage system... 7 File-level storage system... 7 Technology overview... 8 EMC arrays and network protocols... 8 Physical Windows host requirements... 8 DVTel Latitude installation overview... 8 Maximum bandwidth... 9 Bandwidth summary... 9 Maximum array bandwidth summary... 9 Isilon 108NL configuration... 10 OneFS... 10 Data protection configuration... 10 Disk configuration cache/memory settings... 10 OneFS setup requirements... 10 SmartQuotas... 11 Impact Policy configuration... 11 OneFS worker settings... 11 I/O optimization configuration... 12 Bandwidth on CIFS testing... 12 Node addition... 12 Node removal... 12 Best practices... 13 File systems... 13 Data protection... 13 Network protocols... 14 3

CIFS... 14 Environment profile... 15 Environment profile parameters... 15 Hardware and software resources... 16 Hardware resources... 16 Software resources... 16 Conclusion... 17 Summary... 17 Key points... 17 References... 18 Product documentation... 18 4

Executive summary Business case Storage is a major component of a physical security installation. To understand how to design and deploy a DVTel Latitude Network Video Management System (NVMS) physical security solution, you must evaluate video retention times, frame rates, common intermediate format (CIF) values, and other video quality parameters. This is to determine the aggregate bytes that are required to be written to storage each second and to determine the amount of storage required. When you define the aggregate storage bandwidth, along with the total storage requirement, you can use this technical note to determine which storage array best meets customers requirements. Business environment DVTel has been qualified in the EMC Physical Security lab with network-attached storage (NAS) EMC Isilon 108NL arrays. Bandwidth limitations are application based, therefore any Isilon array from the 108NL and greater (X200, S200, NL400, and so on) perform equally well. This technical note provides guidelines for EMC Isilon product lines only. EMC storage for physical security solutions provides optimal solutions for surveillance management and IT infrastructure. EMC solutions provide a flexible and highly scalable infrastructure that can meet a broad range of today s demanding physical security requirements. By leveraging the surveillance management software from DVTel and IT infrastructure components from EMC, customers are assured that they will receive a high yield return on their investment. In addition, EMC storage technology enables customers to backup their primary servers nondisruptively, while the system remains online and available to users. As customers requirements change and become more sophisticated, the flexible, modular architecture of this EMC physical security solution enables you to enhance the EMC storage technology to meet customer needs. Results for other EMC arrays, including EMC VNX arrays based on Fibre Channel (FC) and iscsi, will be provided in the next release of this technical note. Key results This technical note provides guidelines for configuration and bandwidth assessments based on EMC test results. The bandwidth numbers can vary based on many factors including network configuration and utilization, disk utilization, computer type, and so on. The test results include the: Recommended cache configuration Bandwidth for each share DVTel maximum bandwidths per Isilon node Disk drive types and storage protection levels 5

Introduction Purpose Scope Audience This technical note provides you with the information you need to: Size EMC storage arrays for required bandwidths Determine the number of DVTel Latitude Archivers that are required based on aggregate bandwidth Determine Isilon node-to-archiver ratio The scope of this technical note is to: Present bandwidth information for DVTel Latitude 6.2, when attached to EMC Isilon storage systems Describe several EMC Isilon storage array configurations Summarize test results carried out by EMC Provide configuration guidelines for the DVTel Latitude NVMS 6.2 appliance The intended audience for the technical note is EMC personnel. Using this technical note, EMC personnel can determine the best configuration for: The number of Latitude Archivers required An Isilon implementation the desired mix of nodes and Archivers based on the expected bandwidth Storage protocols (such as NAS) The load factors related to designing EMC Isilon storage array into the customer s solution 6

Terminology Common intermediate format (CIF) Table 1 details the video pixel density standard used in video conferencing and physical security. As described in the table, the 4CIF format is four times the pixel density of CIF. Table 1. CIF resolution CIF format Resolution (pixels) PAL NTSC CIF 352 x 288 352 x 240 2CIF (CIF x 2) 704 x 288 704 x 240 4CIF (CIF x 4) 704 x 576 704 x 480 QCIF (Quarter CIF) 176 x 144 176 x 120 480i/p 704 x 480 704 x 480 720i/p 1280 x 720 1280 x 720 1080i/p 1920 x 1080 1920 x 1080 There are two color TV standards Phase Alternating Line (PAL) and National Television Standards Committee (NTSC). Note: CIF definitions were originally created in Europe, where the PAL color TV standard is used. The CIF definition was later expanded to include the NTSC definition. We performed all the testing covered in this technical note using video with 4CIF pixel density. Block-level storage system A block-level storage system writes and reads blocks of data using logical block addresses (LBAs), which are translated into disk-sector addresses on the drives. SAN storage environments use block-level storage to provide a higher level of performance compared with file-level storage. File-level storage system A file-level storage system adds a level of abstraction above the block-level access. In this case, the host s data is sent as file system extents, which must be mapped to logical disk blocks before they are stored on the hard drives. NAS refers to file-level storage. 7

Technology overview EMC arrays and network protocols Physical Windows host requirements DVTel Latitude installation overview EMC storage arrays are ideal for storing video and audio data. This technical note provides information about the: EMC Isilon array SMB2 (CIFS) network protocol Microsoft Windows minimum system requirements for DVTel Latitude Archiver are as follows: Microsoft Windows 2008 64-bit Four-core 2 GHz processors or greater Intel 31xx, 33xx, 52xx, 74xx, or AMD 13xx, 23xx, 84xx series processors, or later 8 GB of memory for each VMware guest running a Latitude server DVTel Latitude is a network-based video monitoring and recording system, composed of servers and clients, as well as encoders and decoders, connected over a network. Usually, the system resides on a dedicated, rather than a corporate network. DVTel recommends that you always consult a network administrator before installing Latitude. A DVTel Latitude installation can consist of a single server or multiple servers in a hierarchical structure. You can further distribute the DVTel Latitude Windows services that provide the primary server functionality to additional Windows servers. You can configure Latitude installations to handle a few cameras to thousands of cameras. The primary Latitude services are: Gateway Directory Event Distributor (EDB) Archiver The Gateway, EDB, and Directory services may be installed on the same Windows Server 2008 32-bit or 64-bit system. In our tests, we installed these services on a single virtualized host running Windows Server 2008 32-bit. As a best practice, we installed all the DVTel Latitude Archivers on physical computers, with Windows 2008 R2 64-bit installed. 8

Maximum bandwidth Bandwidth summary Maximum array bandwidth summary The tests in this technical note are based on the bandwidth that DVTel Latitude can write to an EMC Isilon Storage array. Table 2 shows the bandwidth summary for the Isilon array tested. Tests presented are based on a more than 90 percent write rate and with an active (forced) failure on the array. The total bandwidth is with a full complement of drives. Table 2. Maximum array bandwidth Array Fibre Channel bandwidth iscsi bandwidth CIFS bandwidth Isilon 108NL N/A N/A 30 MB/s (per node single Archiver) Although Isilon supports a minimum cluster size of three nodes, EMC recommends a minimum Isilon cluster of five nodes for video storage. Space calculations must include a minimum of one extra node plus 15 percent to accommodate a node failure or removal. Because the bandwidth scaling is in direct proportion to the number of nodes in the cluster, the array/cluster maximum bandwidth is determined based on the number of nodes. 9

Isilon 108NL configuration OneFS The OneFS file system is a distributed network file system 1 designed by EMC Isilon Systems for use in its Isilon storage appliances. Isilon OneFS does not rely on hardware-based RAID for data protection. Data protection configuration Based on the Reed Solomon algorithm for N+M protection, the Isilon system uses parity protection. In the N+M data protection model, N represents the number of nodes, and M represents the number of simultaneous failures of nodes or drives, or a combination of nodes and drives that the cluster can withstand without incurring data loss. N must be larger than M. OneFS supports N+1, N+2:1, N+2, N+3:1, N+3, and N+4 data protection schemes, and up to 8x mirroring. Protection is applied at the file-level, enabling the cluster to recover data quickly and efficiently. Nodes, folders, and other metadata are protected at the same or higher level as the data blocks they reference. Because all data, metadata, and forward error correction (FEC) blocks are striped across multiple nodes, there is no requirement for dedicated parity drives. Disk configuration cache/memory settings OneFS setup requirements Set all jobs to an Impact Policy of Low. This reduces the number of workers the cluster will enable for each job to run in parallel. In addition, background jobs consume less CPU. This improves performance in the unlikely event of a node failure or other recovery activities, such as disk rebuilds. Recovery processes will take longer at an impact of Low. If recovery time duration is a concern, the protection level could be increased to +3:1 or greater. Perform the following checks and steps on the Isilon OneFS configuration: 1. OneFS v6.5.4.4 B_6_5_4_76 (release tested). 2. SmartQuotas is licensed and configured. 3. SmartConnect Advanced is licensed and configured (optional but recommended). 4. Create a folder per Archiver. 5. From the domain administrator credentials, configure Write permissions for each DVTel video storage folder as shown in Figure 1. 1 Distributed network file system: In computing, a distributed file system or network file system is any file system that enables access to files from multiple hosts sharing via a computer network. This makes it possible for multiple users on multiple computers to share files and storage resources. 10

Figure 1. Permissions Note: Once you create the folder, use the add share function for that folder. SmartQuotas SmartQuotas is an add-on product that must be purchased and configured when more than one Archiver is writing to an Isilon cluster. Smart Quotas defines the storage limitation policies required for video storage, which eliminates issues caused by multiple Archivers independently managing video storage. To configure Smart Quotas: 1. Set the hard threshold to the Archiver video file share limit. 2. Define OneFS to display the available space as the size of the hard threshold. 3. Set the usage calculation method to display the user data only. Impact Policy configuration The Impact Policy defines the number of parallel tasks or workers enabled to run at one time within OneFS. Set all background jobs with the Impact Policy set to Low for best performance. This setting is located in Operations > Jobs and Impact Policies. Configure all jobs with an Impact Policy set to Low. Do not change the priority of any job. OneFS worker settings To achieve the required bandwidth during disk rebuilds, node recovery, node remove, or when other high priority background jobs are running, you must modify the performance characteristics of the Low Impact Policy. Note To avoid undesirable results, use extreme care when modifying Impact Policy execution parameters. Make the following OneFS modifications to allow DVTel s NVMS to achieve its maximum performance: Set the Impact Policy for all jobs to Low. Once each background job s Impact Policy has been set to Low, modify the way the workers operate within the low impact policy as follows: 11

impact.profiles.low.local_backoff_load_factor=0.5 impact.profiles.low.max_workers_per_core=2 impact.profiles.low.max_per_storage_unit=0.5 impact.profiles.low.min_per_storage_unit=0.1 impact.profiles.low.workers_per_core=0.1 Modifying the workers extends the duration for most Isilon Cluster maintenance activities. I/O optimization configuration Set the default I/O Optimization setting to Streaming. This setting is located in SmartPools > Settings > Default File Pool Policy Settings. Note: A SmartPool license is not required for this setting to be active. Bandwidth on CIFS testing Table 3 shows the SMB2 (CIFS) bandwidth tested for Isilon storage arrays. Table 3. Node/5-Node Cluster bandwidth: Isilon 108NL CIFS Array Archivers per node Total bandwidth (MB/s) Bandwidth per node (MB/s) Bandwidth per host (MB/s) Protection level No. of nodes in cluster No. of nodes written to 108NL 1 90 30 30 +2:1 5 3 SATA 3 TB 7,200 108NL 1 150 30 30 +2:1 5 5 SATA 3 TB 7,200 Disk type Disk size Disk RPM Node addition Node removal Adding a node to the cluster can cause a bandwidth reduction of short duration. In the EMC lab, the reduced bandwidth lasted for less than 10 minutes. Add nodes during off peak time as a scheduled change. Removing an Isilon node from a cluster is a user-initiated activity that results in an extended period of reduced bandwidth. Note: In a scheduled change, expect reduced bandwidth for many hours when performing the removal of a node. Table 4 details the reduced bandwidth expected, when a node is permanently removed, while maintaining a 20 percent read rate during the process. Using the Isilon configuration recommended in this technical note results is a node removal duration that you can calculate with the following formula: Days = SpaceUtilization%/3.4 The factor of 3.4 was determined based on multiple tests at varying Isilon cluster utilizations. 12

Table 4. Node addition/removal - reduced bandwidth Array Archivers per node 2 Duration factor Bandwidth per node (MB/s) Bandwidth per host (MB/s) Protection No. of nodes in cluster No. of nodes written to 108NL 1 3.4% 27 27 +2:1 5 3 SATA 3 TB 7,200 Disk type Disk size Disk RPM Best practices File systems The following best practices are based on a five-node minimum cluster size: Use the default data protection level of +2:1 as the minimum data protection. We used a +2:1 protection level while performing the tests described in this technical note. To enable for recovery of a node failure or a manual node removal, the minimum free space must be equivalent to one complete node plus 20 percent per node. Note: You can use cluster sizes down to a three-node cluster, although this is not recommended. Data protection When using file systems for Isilon storage arrays, the following best practices apply: You must enable Smart Quota with a quota defined for each share. EMC recommends a five-node minimum cluster size for file systems, even if not writing video directly to all nodes. For example, if implementing a four-archiver solution, implement a five-node cluster. This also meets the best practices for data protection guidelines. 2 The duration in days for a node removal is approximately equal to the cluster s space utilization divided by the duration factor : Days=SpaceUtilization%/DurationFactor 13

Network protocols CIFS EMC Isilon supports NAS protocols such as network file system (NFS) and SMB (CIFS). The DVTel solution utilizes SMB connections to the NAS device. Isilon provides an excellent Tier-1 platform for DVTel Latitude. 14

Environment profile Environment profile parameters Table 5 lists the environment profile parameters for this solution. Table 5. Environment profile parameters Parameter Value DVTel Latitude application software Latitude 6.2 Installed on Microsoft Windows Server 2008 32-bit and 64-bit Latitude Archiver requires Microsoft Windows Server 2008 64-bit Network protocols DAS NAS CIFS 15

Hardware and software resources Hardware resources Table 6 lists the hardware resources used in the validated solution testing. Table 6. Hardware resources Equipment Isilon 108NL +2:1 Configuration Software resources Table 7 lists the software resources used in the validated solution testing. Table 7. Software resources Software Version Configuration Microsoft Windows Server 2008 32-bit Microsoft Windows Server 2008 64-bit Latitude ControlCenter; Latitude AdminCenter SP2 R2 SP1 Latitude 6.2 Operating system for Latitude Directory, Gateway, and EDB servers Operating system for Latitude Archiver At a minimum, install one of each application 16

Conclusion Summary Key points DVTel Latitude NVMS is a fully scalable, enterprise-class media management system that, when combined with the scalability and ease of use associated with the EMC Isilon storage arrays, provides customers with an exceptional operating environment. As tested, the Isilon 108NL 5-node cluster could accommodate 30 MB/s (240 Mb/s) per 108NL node from a DVTel Latitude Archiver. Using the setup and configuration as presented in this technical note, the per-isilon 108NL node bandwidth will remain consistent even during various failure scenarios. Table 8 summarizes the key points that this solution addresses. Table 8. Key findings of this solution Key point Private businesses and public entities have responded to the rising concerns about theft, fraud, and terrorism by sharpening their focus on physical security and surveillance systems. Physical security solutions require data storage that meets the individual needs of each installation. Organizations are moving away from backroom security operations into ITmanaged systems providing backup, recovery, and system support. Solution objective EMC offers physical security solutions that unite disparate legacy systems and state-of-the-art infrastructure, and enable organizations to manage their growing volume of physical security information. EMC provides numerous storage arrays to meet the capacity, bandwidth, and cost requirements for all customers. Moving physical security solutions into the data center provides structured approaches to data integrity, system security, and operational efficiencies. EMC provides industry-leading dataprotection methods, industry-leading system security with RSA, and operational efficiencies. 17

References Product documentation For more information, see the following product documents: Isilon IQ Network Configuration Guide Isilon OneFS Configuration Guide 18