Arctera Insight Information Governance Administrator's Guide

Last Published:
Product(s): Data Insight (7.2)
Platform: Windows
  1. Section I. Getting started
    1. Introduction to Arctera Insight Information Governance administration
      1. About Arctera Insight Information Governance administration
        1.  
          Operation icons on the Management Console
        2.  
          Information Governance administration tasks
    2. Configuring Information Governance global settings
      1.  
        About Information Governance licensing
      2.  
        SQLite WAL mode
      3.  
        Configuring SMTP server settings
      4. About scanning and event monitoring
        1. Configuring scanning and event monitoring
          1.  
            Considerations for running a parallel scan
      5.  
        Monitoring Indexer Node Storage Utilization
      6. About filtering certain accounts, IP addresses, and paths
        1.  
          About exclude rules for access events
        2.  
          About exclude rules for Scanner
        3. Adding exclude rules to Information Governance
          1.  
            Add/Edit Exclude rule for access events options
          2.  
            Add/Edit Exclude rule for Scanner options
      7. About archiving data
        1.  
          About purging data
        2.  
          Configuring data retention settings
        3.  
          Parameterized Purging of access data using Data Retention
        4.  
          Purging indexes by date/whitespace for deleted files
      8. About Information Governance integration with Data Loss Prevention (DLP)
        1.  
          About configuring Information Governance to integrate with Data Loss Prevention (DLP)
        2.  
          Configuring Data Loss Prevention settings
        3.  
          Importing SSL certificate from the DLP Enforce Server to Information Governance Management Server
        4.  
          About Data Loss Prevention (DLP) integration with Information Governance
      9.  
        Importing sensitive files information through CSV
      10. Configuring advanced analytics
        1.  
          Choosing custom attributes for advanced analytics
      11. About open shares
        1.  
          Configuring an open share policy
      12. About user risk score
        1.  
          User risk weight configuration
      13.  
        Configuring file groups
      14.  
        Configuring Workspace data owner policy
      15.  
        Configuring Management Console settings
      16. About bulk assignment of custodians
        1.  
          Assigning custodians in bulk using a CSV file
        2.  
          Assigning custodians based on data ownership
      17.  
        Configuring Watchlist settings
      18. Configuring Metadata Framework
        1.  
          Using the metadata framework for classification and remediation
      19.  
        Proof of concept
  2. Section II. Configuring Information Governance
    1. Configuring Information Governance product users
      1.  
        About Information Governance users and roles
      2.  
        Reviewing current users and privileges
      3. Adding a user
        1.  
          Add or edit Information Governance user options
      4.  
        Editing users
      5.  
        Deleting users
      6.  
        Configuring authorization for Data Loss Prevention users
      7.  
        Configuring single sign-on (SSO) using security assertion markup language (SAML)
      8.  
        Disabling single sign-on (SSO)
    2. Configuring Information Governance product servers
      1.  
        About Information Governance product servers
      2.  
        Adding a new Information Governance server
      3.  
        Managing Information Governance product servers
      4.  
        Viewing Information Governance server details
      5. About node templates
        1.  
          Managing node templates
        2.  
          Adding or editing node templates
      6.  
        Adding Portal role to a Information Governance server
      7.  
        Adding Classification Server role to a Information Governance server
      8.  
        Assigning Classification Server to a Collector
      9.  
        Associating a Classification Server pool to a Collector
      10.  
        Viewing in-progress scans
      11.  
        Configuring Information Governance services
      12.  
        Configuring advanced settings
      13.  
        Monitoring Information Governance jobs
      14.  
        Rotating the encryption keys
      15.  
        Viewing Information Governance server statistics
      16. About automated alerts for patches and upgrades
        1.  
          Viewing and installing recommended upgrades and patches
      17.  
        Deploying upgrades and patches remotely
      18.  
        Using the Upload Manager utility
      19.  
        About migrating storage devices across Indexers
      20.  
        Viewing the status of a remote installation
    3. Configuring saved credentials
      1. About saved credentials
        1.  
          Managing saved credentials
      2.  
        Handling changes in account password
      3.  
        Information Governance Hash Utility
    4. Configuring directory service domains
      1.  
        About directory domain scans
      2. Adding a directory service domain to Information Governance
        1.  
          Add/Edit Active Directory options
        2.  
          Add/Edit LDAP domain options
        3.  
          Add/Edit NIS domain options
        4.  
          Add/Edit NIS+ domain options
        5. Add/Edit Azure active directory service
          1.  
            Prerequisites for configuring Azure AD
          2.  
            Registering Information Governance with Microsoft to scan Azure AD
          3.  
            Configuring application without user impersonation for Microsoft 365
          4.  
            Creating an application in the Microsoft Azure portal
      3.  
        Managing directory service domains
      4.  
        Fetching users and groups data from NIS+ scanner
      5.  
        Configuring attributes for advanced analytics
      6.  
        Deleting directory service domains
      7.  
        Scheduling scans
      8.  
        Configuring business unit mappings
      9.  
        Importing additional attributes for users and user groups
    5. Configuring containers
      1.  
        About containers
      2. Adding containers
        1.  
          Add new container/Edit container options
      3.  
        Managing containers
    6. Server Pools
      1.  
        About Server Pools
      2.  
        Adding Server Pools
      3.  
        Managing Server Pools
  3. Section III. Configuring native file systems in Information Governance
    1. Configuring clustered NetApp file server monitoring
      1.  
        About configuring a clustered NetApp file server
      2.  
        About configuring FPolicy in Cluster-Mode
      3.  
        Pre-requisites for configuring clustered NetApp file servers
      4.  
        Credentials required for configuring a clustered NetApp file server
      5.  
        Preparing a non-administrator local user on the clustered NetApp filer
      6.  
        Preparing a non-administrator domain user on a NetApp cluster for Information Governance
      7.  
        Persistent Store
      8.  
        Preparing Information Governance for FPolicy in NetApp Cluster-Mode
      9.  
        Preparing the ONTAP cluster for FPolicy
      10. About configuring secure communication between Information Governance and cluster-mode NetApp devices
        1.  
          Generating SSL certificates for NetApp cluster-mode authentication
        2.  
          Preparing the NetApp cluster for SSL authentication
      11.  
        Enabling export of NFS shares on a NetApp Cluster-Mode file server
      12.  
        Enabling SSL support for Cluster Mode NetApp auditing
    2. Configuring EMC Celerra or VNX monitoring
      1. About configuring EMC Celerra or VNX filers
        1.  
          About EMC Common Event Enabler (CEE)
        2.  
          Preparing the EMC filer for CEPA
        3.  
          Preparing Information Governance to receive event notification
      2.  
        Credentials required for configuring EMC Celerra filers
    3. Configuring EMC Isilon monitoring
      1.  
        About configuring EMC Isilon filers
      2.  
        Prerequisites for configuration of Isilon or Unity VSA file server monitoring
      3.  
        Credentials required for configuring an EMC Isilon cluster
      4.  
        Configuring audit settings on EMC Isilon cluster using OneFS GUI console
      5.  
        Configuring audit settings on EMC Isilon cluster using the OneFS CLI
      6.  
        Configuring Isilon audit settings for performance improvement
      7.  
        Preparing Arctera Insight Information Governance to receive event notifications from an EMC Isilon or Unity VSA cluster
      8.  
        Creating a non-administrator user for an EMC Isilon cluster
      9.  
        Utilizing access zone's SmartConnect Zone/Alias mappings
      10.  
        Purging the audit logs in an Isilon filer
    4. Configuring EMC Unity VSA file servers
      1.  
        About configuring Dell EMC Unity storage platform
      2.  
        Credentials required for configuring an EMC Unity VSA file server
      3.  
        Configuring audit settings on EMC Unity cluster using Unisphere VSA Unity console
    5. Configuring Hitachi NAS file server monitoring
      1.  
        About configuring Hitachi NAS
      2.  
        Credentials required for configuring a Hitachi NAS EVS
      3.  
        Creating a domain user on a Hitachi NAS file server for Information Governance
      4.  
        Preparing a Hitachi NAS file server for file system auditing
      5.  
        Advanced configuration parameters for Hitachi NAS
    6. Configuring Windows File Server monitoring
      1.  
        About configuring Windows file server monitoring
      2.  
        Credentials required for configuring Windows File Servers
      3.  
        Using the installcli.exe utility to configure multiple Windows file servers
      4.  
        Upgrading the Windows File Server agent
    7. Configuring Arctera File System (VxFS) file server monitoring
      1.  
        About configuring Arctera File System (AxFS) file servers
      2.  
        Credentials required for configuring Arctera File System (AxFS) servers
      3.  
        Enabling export of UNIX/Linux NFS shares on AxFS filers
    8. Configuring monitoring of a generic device
      1.  
        About configuring a generic device
      2.  
        Credentials required for scanning a generic device
    9. Managing file servers
      1.  
        About configuring filers
      2.  
        Viewing configured filers
      3. Adding filers
        1.  
          Add/Edit NetApp cluster file server options
        2.  
          Add/Edit EMC Celerra filer options
        3.  
          Add/Edit EMC Isilon file server options
        4.  
          Add/Edit EMC Unity VSA file server options
        5.  
          Add/Edit Windows File Server options
        6.  
          Add/Edit Arctera File System server options
        7.  
          Add/Edit a generic storage device options
        8.  
          Add/Edit Hitachi NAS file server options
      4.  
        Custom schedule options
      5.  
        Editing filer configuration
      6.  
        Deleting filers
      7.  
        Viewing performance statistics for file servers
      8.  
        About disabled shares
      9. Adding shares
        1.  
          Add New Share/Edit Share options
      10.  
        Managing shares
      11.  
        Editing share configuration
      12.  
        Deleting shares
      13.  
        About configuring a DFS target
      14.  
        Adding a configuration attribute for devices
      15.  
        Configuring a DFS target
      16.  
        About the DFS utility
      17.  
        Running the DFS utility
      18.  
        Importing DFS mapping
    10. Renaming storage devices
      1.  
        About renaming a storage device
      2.  
        Viewing the device rename status
      3.  
        Considerations for renaming a storage device
  4. Section IV. Configuring SharePoint data sources
    1. Configuring monitoring of SharePoint web applications
      1.  
        About SharePoint server monitoring
      2.  
        Credentials required for configuring SharePoint servers
      3.  
        Configuring a web application policy
      4. About the Information Governance web service for SharePoint
        1.  
          Installing the Information Governance web service for SharePoint
      5.  
        Viewing configured SharePoint data sources
      6. Adding web applications
        1.  
          Add/Edit web application options
      7.  
        Editing web applications
      8.  
        Deleting web applications
      9. Adding site collections
        1.  
          Add/Edit site collection options
      10.  
        Managing site collections
      11.  
        Removing a configured web application
    2. Configuring monitoring of SharePoint Online accounts
      1. About SharePoint Online account monitoring
        1.  
          Prerequisites for configuring SharePoint Online account
      2.  
        Configuring user with minimum privileges in Microsoft 365
      3.  
        Creating an application in the Microsoft Azure portal
      4.  
        Configuring application without user impersonation for Microsoft 365
      5.  
        Adding SharePoint Online accounts
      6.  
        Managing a SharePoint Online account
      7. Adding site collections to SharePoint Online accounts
        1.  
          Add/Edit site collection options
      8.  
        Managing site collections
  5. Section V. Configuring cloud data sources
    1. Configuring monitoring of Box accounts
      1.  
        About configuring Box monitoring
      2.  
        Using a co-admin account to monitor Box resources
      3. Configuring monitoring of cloud sources in Information Governance
        1.  
          Add/Edit Box account
      4.  
        Configuring Box cloud resources through proxy server
      5.  
        Information Governance limitations for Box permissions
    2. Configuring OneDrive account monitoring
      1.  
        About configuring OneDrive monitoring
      2.  
        Configuring user with minimum privileges in Microsoft 365
      3.  
        Creating an application in the Microsoft Azure portal
      4.  
        Configuring application without user impersonation for Microsoft 365
      5.  
        Add/Edit OneDrive account
      6. Adding OneDrive cloud accounts
        1.  
          Add/edit OneDrive user accounts
    3. Configuring Azure Netapp Files Device
      1.  
        About Azure Netapp Files
      2.  
        Configuring Azure Netapp Files Device
    4. Managing cloud sources
      1.  
        Viewing configured cloud sources
      2.  
        Managing cloud sources
  6. Section VI. Configuring Object Storage Sources
    1. Amazon S3
      1.  
        About Amazon Simple Storage Service (Amazon S3)
      2.  
        Configuring Amazon S3 account monitoring
      3.  
        Configuring Audit Events in AWS
      4.  
        Creating an Athena table
      5.  
        Adding Amazon S3 account
      6.  
        Limitations for Amazon S3 in Information Governance
      7. Managing Amazon S3 data source
        1.  
          Monitored Buckets
        2.  
          Classification
  7. Section VII. Health and monitoring
    1. Using Arctera Insight Information Governance dashboards
      1.  
        Viewing the system health overview
      2.  
        Viewing the scanning overview
      3.  
        Viewing the scan status of storage devices
      4.  
        Viewing the scan history of storage devices
    2. Monitoring Information Governance
      1.  
        Viewing events
      2.  
        About high availability notifications
      3.  
        Monitoring the performance of Information Governance servers
      4.  
        Configuring email notifications
      5.  
        Enabling Windows event logging
      6.  
        Viewing scan errors
  8. Section VIII. Alerts and policies
    1. Configuring policies
      1.  
        About Information Governance policies
      2. Managing policies
        1.  
          Create Data Activity Trigger policy options
        2.  
          Create User Activity Deviation policy options
        3.  
          Create Real-time Data Activity Policy options
        4.  
          Create Real-time Permitted User-based Activity Policy options
        5.  
          Create Real-time Restricted User-based Activity Policy options
        6.  
          Create Real-time Sensitive Data Activity policy options
      3.  
        Managing alerts
  9. Section IX. Remediation
    1. Configuring remediation settings
      1. About configuring permission remediation
        1.  
          Managing and configuring permission remediation
        2.  
          Configuring exclusions for permission recommendation
      2.  
        About managing data
      3.  
        About deleting files
      4. About configuring archive options for Enterprise Vault
        1.  
          Adding new Enterprise Vault servers
        2.  
          Managing Enterprise Vault servers
        3.  
          Mapping file server host names
      5. Configuring Microsoft Purview Information Protection (MIP) Label
        1.  
          Removing MIP Label
      6.  
        Using custom scripts to manage data
      7.  
        Viewing and managing the status of an operation
  10. Section X. Reference
    1. Appendix A.  Information Governance best practices
      1.  
        Understanding Information Governance best practices
    2. Appendix B.  Migrating Information Governance components
      1.  
        Migrating Information Governance components
    3. Appendix C. Backing up and restoring data
      1.  
        Selecting the backup and restore order
      2.  
        Backing up and restoring the Information Governance Management Server
      3.  
        Backing up and restoring the Indexer node
      4.  
        Understanding Information Governance best practices
    4. Appendix D. Arctera Information Governance health checks
      1. About Information Governance health checks
        1.  
          Services checks
        2.  
          Deployment details checks
        3.  
          Generic checks
        4.  
          Information Governance Management Server checks
        5.  
          Information Governance Indexer checks
        6.  
          Information Governance Collector checks
        7.  
          Information Governance Windows File Server checks
        8.  
          Information Governance SharePoint checks
        9.  
          Classification server health checks
        10.  
          Information Governance self service portal server health checks
    5. Appendix E. Command File Reference
      1.  
        fg.exe
      2.  
        indexcli.exe
      3.  
        reportcli.exe
      4.  
        scancli.exe
      5.  
        installcli.exe
    6. Appendix F. Arctera Information Governance jobs
      1.  
        Scheduled Information Governance jobs
    7. Appendix G. Troubleshooting
      1.  
        About general troubleshooting procedures
      2.  
        About the Health Audit report
      3.  
        Location of Information Governance logs
      4.  
        Downloading Information Governance logs
      5.  
        Migrating the data directory to a new location
      6. Troubleshooting FPolicy issues on NetApp devices
        1.  
          Viewing FPolicy-related errors and warnings
        2.  
          Resolving FPolicy connection issues
      7.  
        Troubleshooting EMC Celera or VNX configuration issues
      8.  
        Troubleshooting EMC Isilon configuration issues
      9.  
        Troubleshooting SharePoint configuration issues
      10.  
        Troubleshooting Hitachi NAS configuration issues
      11.  
        Troubleshooting installation of Tesseract software
      12.  
        Troubleshooting RHEL 9 upgrade issue
      13.  
        Troubleshooting CyberArk Password Manager Configuration Issues

About scanning and event monitoring

Information Governance scans the file system hierarchy to collect information related to permissions and file system metadata from the monitored storage devices.

Event monitoring is an operation that keeps track of the access events happening on a file system. During event monitoring if Information Governance detects an event such as create, write or file system ACL level permission changes, it uses this information to perform incremental scans for the paths on which events are reported.

Information Governance uses asynchronous APIs, such as FPolicy for NetApp filers, the CEE framework for EMC filers, and filter driver for Windows File Servers to collect access events.

By default, Information Governance initiates event monitoring every 2 hours. You can disable event monitoring for the individual storage devices. To turn off event monitoring, navigate to Settings > Filers. In the edit page for filer, uncheck the option Enable file system event monitoring.

Note:

Information Governance scans only share-level permission changes when event monitoring is turned off.

To fetch file system metadata, Information Governance performs the following types of scans:

Full scan

During a full scan Information Governance scans the entire file system hierarchy. A full scan is typically run after a storage device is first added to the Information Governance configuration. Full scans can run for several hours, depending on the size of the shares. After the first full scan, you can perform full scans less frequently based on your preference. Ordinarily, you need to run a full scan only to scan those paths which might have been modified while file system auditing was not running for any reason.

In case of large shares, a full scan can take long time to complete. If the collector node specification is 16 core CPU and 32 GB RAM or higher, Information Governance automatically shifts to parallel scanning, which results in faster scan of shares.

By default, each Collector node initiates a full scan at 7:00 P.M. on the last Friday of each month. For SharePoint, the default scan schedule is 11:00 P.M. each night.

Figure: Scanner - Single thread and parallel threads

Scanner - Single thread and parallel threads
Incremental scan

During an incremental scan, Information Governance re-scans only those paths of a share that have been modified since the last full scan. It does so by monitoring incoming access events to see which paths had a create, write, or a security event on it since the last scan. Incremental scans are much faster than full scans.

By default, an incremental scan is scheduled once every night at 7:00 P.M. You can initiate an on-demand incremental scan manually by using the command line utility scancli.exe. It is recommended to run the IScannerJob before you execute the utility.

See Scheduled Information Governance jobs.

Path re-confirmation scan

After Information Governance completes indexing the full scan data, it computes the paths that no longer seem to be present on the file system. A re-confirmation scan confirms if a path which is present in the indexes, but appears to be no longer present on the file system, is indeed deleted. A re-confirmation scan is automatically triggered, when Information Governance detects potentially missing paths on the file system during a full scan.

You can turn off re-confirmation scan for any Indexer, using the Advanced Setting for that Indexer. When the re-confirmation scan is turned off, Information Governance readily removes the missing paths from the indexes without carrying out a re-confirmation.

See Configuring advanced settings.

At a global level, full scans are scheduled for individual Collectors or Windows File Server agents. The Table: Entities having configurable scan schedules gives you the details of all the entities for which you can schedule a full scan.

Table: Entities having configurable scan schedules

Entity

Scan schedule settings location

Scope

Details

Collector or Windows File Server agents

Settings > Servers > Advanced Setting > File System Scanner settings.

Applies to all the storage devices associated with the Collector, for which a schedule is defined.

See Configuring advanced settings.

Filers, web applications, Object Storage Sources and cloud sources

In case of a filer, Settings > Filers > Add New Filer.

In case of a SharePoint web application, Settings > SharePoint Sources > Add SharePoint Source > SharePoint Web Application.

In case of a SharePoint Online account, Settings > SharePoint Sources > Add SharePoint Source > SharePoint Online Account.

In case of a object storage sources account, Settings > Cloud Sources > Add new Object Storage Source> Amazon S3.

In case of a cloud storage account, Settings > Cloud Sources > Add New Cloud Source.

Note:

You can also configure scanning at the time of editing filers, web applications, and cloud sources.

Applies to filers, SharePoint web applications, SharePoint Online accounts, ECM sources, Object Storage Sources or cloud sources for which schedule is defined.

This setting overrides the scan schedule defined for the Collector associated with the filer, web applications, and cloud sources.

See Adding filers.

See Adding web applications.

See Configuring monitoring of cloud sources in Information Governance.

Shares, site collections, buckets and repositories

Settings > Filers > Monitored Shares > Add New Share.

Settings > SharePoint Sources > Web Applications > Monitored Site Collections > Add Site Collection.

Settings > SharePoint Sources > Online Accounts > Monitored Site Collections > Add Site Collection.

Settings > Object Storage Sources > Amazon S3 > Monitored Buckets > Add New Bucket.

Note:

You can also configure scanning at the time of editing shares and site collections.

Applies to the entire share or site collection for which schedule is defined.

Overrides the scan schedules defined for the filer or the web application associated with the share or the site collection.

See Adding shares.

See Adding site collections.

You can override all the full scan schedules and initiate an on-demand full scan for configured shares or site collections. See Managing shares.

Sometimes for maintenance and diagnostic purposes, you may need to disable all the scans. You can disable all scans:

If you disable scanning for any device, you will not be able to view any permissions data for that device. However, you may still see some stale metadata like size, permissions etc., which was collected before the scanning was disabled. If you run a report on the paths for which scanning is disabled, you may get a report with stale data.

You can specify pause schedules for both full and incremental scans to indicate when scanning should not be allowed to run. You can configure a pause schedule from the Settings > Servers > Advanced Settings page. See Configuring advanced settings. to know more about configuring a pause schedule.

You can view the details of the current and historical scan status for your entire environment from the scanning dashboard. To access the scanning dashboard, from the Information Governance Management Console, navigate to Settings > Scan Status > Overview. See Viewing the scanning overview. to know more about the scanning dashboard.