Important Update: Cohesity Products Documentation

All Cohesity product documentation are now managed via the Cohesity Docs Portal: https://docs.cohesity.com/HomePage/Content/home.htm. Some documentation available here may not reflect the latest information or may no longer be accessible.

Arctera Insight Information Governance Administrator's Guide

Last Published:
Product(s): Data Insight (7.2)
Platform: Windows
  1. Section I. Getting started
    1. Introduction to Arctera Insight Information Governance administration
      1. About Arctera Insight Information Governance administration
        1.  
          Operation icons on the Management Console
        2.  
          Information Governance administration tasks
    2. Configuring Information Governance global settings
      1.  
        About Information Governance licensing
      2.  
        SQLite WAL mode
      3.  
        Configuring SMTP server settings
      4. About scanning and event monitoring
        1. Configuring scanning and event monitoring
          1.  
            Considerations for running a parallel scan
      5.  
        Monitoring Indexer Node Storage Utilization
      6. About filtering certain accounts, IP addresses, and paths
        1.  
          About exclude rules for access events
        2.  
          About exclude rules for Scanner
        3. Adding exclude rules to Information Governance
          1.  
            Add/Edit Exclude rule for access events options
          2.  
            Add/Edit Exclude rule for Scanner options
      7. About archiving data
        1.  
          About purging data
        2.  
          Configuring data retention settings
        3.  
          Parameterized Purging of access data using Data Retention
        4.  
          Purging indexes by date/whitespace for deleted files
      8. About Information Governance integration with Data Loss Prevention (DLP)
        1.  
          About configuring Information Governance to integrate with Data Loss Prevention (DLP)
        2.  
          Configuring Data Loss Prevention settings
        3.  
          Importing SSL certificate from the DLP Enforce Server to Information Governance Management Server
        4.  
          About Data Loss Prevention (DLP) integration with Information Governance
      9.  
        Importing sensitive files information through CSV
      10. Configuring advanced analytics
        1.  
          Choosing custom attributes for advanced analytics
      11. About open shares
        1.  
          Configuring an open share policy
      12. About user risk score
        1.  
          User risk weight configuration
      13.  
        Configuring file groups
      14.  
        Configuring Workspace data owner policy
      15.  
        Configuring Management Console settings
      16. About bulk assignment of custodians
        1.  
          Assigning custodians in bulk using a CSV file
        2.  
          Assigning custodians based on data ownership
      17.  
        Configuring Watchlist settings
      18. Configuring Metadata Framework
        1.  
          Using the metadata framework for classification and remediation
      19.  
        Proof of concept
  2. Section II. Configuring Information Governance
    1. Configuring Information Governance product users
      1.  
        About Information Governance users and roles
      2.  
        Reviewing current users and privileges
      3. Adding a user
        1.  
          Add or edit Information Governance user options
      4.  
        Editing users
      5.  
        Deleting users
      6.  
        Configuring authorization for Data Loss Prevention users
      7.  
        Configuring single sign-on (SSO) using security assertion markup language (SAML)
      8.  
        Disabling single sign-on (SSO)
    2. Configuring Information Governance product servers
      1.  
        About Information Governance product servers
      2.  
        Adding a new Information Governance server
      3.  
        Managing Information Governance product servers
      4.  
        Viewing Information Governance server details
      5. About node templates
        1.  
          Managing node templates
        2.  
          Adding or editing node templates
      6.  
        Adding Portal role to a Information Governance server
      7.  
        Adding Classification Server role to a Information Governance server
      8.  
        Assigning Classification Server to a Collector
      9.  
        Associating a Classification Server pool to a Collector
      10.  
        Viewing in-progress scans
      11.  
        Configuring Information Governance services
      12.  
        Configuring advanced settings
      13.  
        Monitoring Information Governance jobs
      14.  
        Rotating the encryption keys
      15.  
        Viewing Information Governance server statistics
      16. About automated alerts for patches and upgrades
        1.  
          Viewing and installing recommended upgrades and patches
      17.  
        Deploying upgrades and patches remotely
      18.  
        Using the Upload Manager utility
      19.  
        About migrating storage devices across Indexers
      20.  
        Viewing the status of a remote installation
    3. Configuring saved credentials
      1. About saved credentials
        1.  
          Managing saved credentials
      2.  
        Handling changes in account password
      3.  
        Information Governance Hash Utility
    4. Configuring directory service domains
      1.  
        About directory domain scans
      2. Adding a directory service domain to Information Governance
        1.  
          Add/Edit Active Directory options
        2.  
          Add/Edit LDAP domain options
        3.  
          Add/Edit NIS domain options
        4.  
          Add/Edit NIS+ domain options
        5. Add/Edit Azure active directory service
          1.  
            Prerequisites for configuring Azure AD
          2.  
            Registering Information Governance with Microsoft to scan Azure AD
          3.  
            Configuring application without user impersonation for Microsoft 365
          4.  
            Creating an application in the Microsoft Azure portal
      3.  
        Managing directory service domains
      4.  
        Fetching users and groups data from NIS+ scanner
      5.  
        Configuring attributes for advanced analytics
      6.  
        Deleting directory service domains
      7.  
        Scheduling scans
      8.  
        Configuring business unit mappings
      9.  
        Importing additional attributes for users and user groups
    5. Configuring containers
      1.  
        About containers
      2. Adding containers
        1.  
          Add new container/Edit container options
      3.  
        Managing containers
    6. Server Pools
      1.  
        About Server Pools
      2.  
        Adding Server Pools
      3.  
        Managing Server Pools
  3. Section III. Configuring native file systems in Information Governance
    1. Configuring clustered NetApp file server monitoring
      1.  
        About configuring a clustered NetApp file server
      2.  
        About configuring FPolicy in Cluster-Mode
      3.  
        Pre-requisites for configuring clustered NetApp file servers
      4.  
        Credentials required for configuring a clustered NetApp file server
      5.  
        Preparing a non-administrator local user on the clustered NetApp filer
      6.  
        Preparing a non-administrator domain user on a NetApp cluster for Information Governance
      7.  
        Persistent Store
      8.  
        Preparing Information Governance for FPolicy in NetApp Cluster-Mode
      9.  
        Preparing the ONTAP cluster for FPolicy
      10. About configuring secure communication between Information Governance and cluster-mode NetApp devices
        1.  
          Generating SSL certificates for NetApp cluster-mode authentication
        2.  
          Preparing the NetApp cluster for SSL authentication
      11.  
        Enabling export of NFS shares on a NetApp Cluster-Mode file server
      12.  
        Enabling SSL support for Cluster Mode NetApp auditing
    2. Configuring EMC Celerra or VNX monitoring
      1. About configuring EMC Celerra or VNX filers
        1.  
          About EMC Common Event Enabler (CEE)
        2.  
          Preparing the EMC filer for CEPA
        3.  
          Preparing Information Governance to receive event notification
      2.  
        Credentials required for configuring EMC Celerra filers
    3. Configuring EMC Isilon monitoring
      1.  
        About configuring EMC Isilon filers
      2.  
        Prerequisites for configuration of Isilon or Unity VSA file server monitoring
      3.  
        Credentials required for configuring an EMC Isilon cluster
      4.  
        Configuring audit settings on EMC Isilon cluster using OneFS GUI console
      5.  
        Configuring audit settings on EMC Isilon cluster using the OneFS CLI
      6.  
        Configuring Isilon audit settings for performance improvement
      7.  
        Preparing Arctera Insight Information Governance to receive event notifications from an EMC Isilon or Unity VSA cluster
      8.  
        Creating a non-administrator user for an EMC Isilon cluster
      9.  
        Utilizing access zone's SmartConnect Zone/Alias mappings
      10.  
        Purging the audit logs in an Isilon filer
    4. Configuring EMC Unity VSA file servers
      1.  
        About configuring Dell EMC Unity storage platform
      2.  
        Credentials required for configuring an EMC Unity VSA file server
      3.  
        Configuring audit settings on EMC Unity cluster using Unisphere VSA Unity console
    5. Configuring Hitachi NAS file server monitoring
      1.  
        About configuring Hitachi NAS
      2.  
        Credentials required for configuring a Hitachi NAS EVS
      3.  
        Creating a domain user on a Hitachi NAS file server for Information Governance
      4.  
        Preparing a Hitachi NAS file server for file system auditing
      5.  
        Advanced configuration parameters for Hitachi NAS
    6. Configuring Windows File Server monitoring
      1.  
        About configuring Windows file server monitoring
      2.  
        Credentials required for configuring Windows File Servers
      3.  
        Using the installcli.exe utility to configure multiple Windows file servers
      4.  
        Upgrading the Windows File Server agent
    7. Configuring Arctera File System (VxFS) file server monitoring
      1.  
        About configuring Arctera File System (AxFS) file servers
      2.  
        Credentials required for configuring Arctera File System (AxFS) servers
      3.  
        Enabling export of UNIX/Linux NFS shares on AxFS filers
    8. Configuring monitoring of a generic device
      1.  
        About configuring a generic device
      2.  
        Credentials required for scanning a generic device
    9. Managing file servers
      1.  
        About configuring filers
      2.  
        Viewing configured filers
      3. Adding filers
        1.  
          Add/Edit NetApp cluster file server options
        2.  
          Add/Edit EMC Celerra filer options
        3.  
          Add/Edit EMC Isilon file server options
        4.  
          Add/Edit EMC Unity VSA file server options
        5.  
          Add/Edit Windows File Server options
        6.  
          Add/Edit Arctera File System server options
        7.  
          Add/Edit a generic storage device options
        8.  
          Add/Edit Hitachi NAS file server options
      4.  
        Custom schedule options
      5.  
        Editing filer configuration
      6.  
        Deleting filers
      7.  
        Viewing performance statistics for file servers
      8.  
        About disabled shares
      9. Adding shares
        1.  
          Add New Share/Edit Share options
      10.  
        Managing shares
      11.  
        Editing share configuration
      12.  
        Deleting shares
      13.  
        About configuring a DFS target
      14.  
        Adding a configuration attribute for devices
      15.  
        Configuring a DFS target
      16.  
        About the DFS utility
      17.  
        Running the DFS utility
      18.  
        Importing DFS mapping
    10. Renaming storage devices
      1.  
        About renaming a storage device
      2.  
        Viewing the device rename status
      3.  
        Considerations for renaming a storage device
  4. Section IV. Configuring SharePoint data sources
    1. Configuring monitoring of SharePoint web applications
      1.  
        About SharePoint server monitoring
      2.  
        Credentials required for configuring SharePoint servers
      3.  
        Configuring a web application policy
      4. About the Information Governance web service for SharePoint
        1.  
          Installing the Information Governance web service for SharePoint
      5.  
        Viewing configured SharePoint data sources
      6. Adding web applications
        1.  
          Add/Edit web application options
      7.  
        Editing web applications
      8.  
        Deleting web applications
      9. Adding site collections
        1.  
          Add/Edit site collection options
      10.  
        Managing site collections
      11.  
        Removing a configured web application
    2. Configuring monitoring of SharePoint Online accounts
      1. About SharePoint Online account monitoring
        1.  
          Prerequisites for configuring SharePoint Online account
      2.  
        Configuring user with minimum privileges in Microsoft 365
      3.  
        Creating an application in the Microsoft Azure portal
      4.  
        Configuring application without user impersonation for Microsoft 365
      5.  
        Adding SharePoint Online accounts
      6.  
        Managing a SharePoint Online account
      7. Adding site collections to SharePoint Online accounts
        1.  
          Add/Edit site collection options
      8.  
        Managing site collections
  5. Section V. Configuring cloud data sources
    1. Configuring monitoring of Box accounts
      1.  
        About configuring Box monitoring
      2.  
        Using a co-admin account to monitor Box resources
      3. Configuring monitoring of cloud sources in Information Governance
        1.  
          Add/Edit Box account
      4.  
        Configuring Box cloud resources through proxy server
      5.  
        Information Governance limitations for Box permissions
    2. Configuring OneDrive account monitoring
      1.  
        About configuring OneDrive monitoring
      2.  
        Configuring user with minimum privileges in Microsoft 365
      3.  
        Creating an application in the Microsoft Azure portal
      4.  
        Configuring application without user impersonation for Microsoft 365
      5.  
        Add/Edit OneDrive account
      6. Adding OneDrive cloud accounts
        1.  
          Add/edit OneDrive user accounts
    3. Configuring Azure Netapp Files Device
      1.  
        About Azure Netapp Files
      2.  
        Configuring Azure Netapp Files Device
    4. Managing cloud sources
      1.  
        Viewing configured cloud sources
      2.  
        Managing cloud sources
  6. Section VI. Configuring Object Storage Sources
    1. Amazon S3
      1.  
        About Amazon Simple Storage Service (Amazon S3)
      2.  
        Configuring Amazon S3 account monitoring
      3.  
        Configuring Audit Events in AWS
      4.  
        Creating an Athena table
      5.  
        Adding Amazon S3 account
      6.  
        Limitations for Amazon S3 in Information Governance
      7. Managing Amazon S3 data source
        1.  
          Monitored Buckets
        2.  
          Classification
  7. Section VII. Health and monitoring
    1. Using Arctera Insight Information Governance dashboards
      1.  
        Viewing the system health overview
      2.  
        Viewing the scanning overview
      3.  
        Viewing the scan status of storage devices
      4.  
        Viewing the scan history of storage devices
    2. Monitoring Information Governance
      1.  
        Viewing events
      2.  
        About high availability notifications
      3.  
        Monitoring the performance of Information Governance servers
      4.  
        Configuring email notifications
      5.  
        Enabling Windows event logging
      6.  
        Viewing scan errors
  8. Section VIII. Alerts and policies
    1. Configuring policies
      1.  
        About Information Governance policies
      2. Managing policies
        1.  
          Create Data Activity Trigger policy options
        2.  
          Create User Activity Deviation policy options
        3.  
          Create Real-time Data Activity Policy options
        4.  
          Create Real-time Permitted User-based Activity Policy options
        5.  
          Create Real-time Restricted User-based Activity Policy options
        6.  
          Create Real-time Sensitive Data Activity policy options
      3.  
        Managing alerts
  9. Section IX. Remediation
    1. Configuring remediation settings
      1. About configuring permission remediation
        1.  
          Managing and configuring permission remediation
        2.  
          Configuring exclusions for permission recommendation
      2.  
        About managing data
      3.  
        About deleting files
      4. About configuring archive options for Enterprise Vault
        1.  
          Adding new Enterprise Vault servers
        2.  
          Managing Enterprise Vault servers
        3.  
          Mapping file server host names
      5. Configuring Microsoft Purview Information Protection (MIP) Label
        1.  
          Removing MIP Label
      6.  
        Using custom scripts to manage data
      7.  
        Viewing and managing the status of an operation
  10. Section X. Reference
    1. Appendix A.  Information Governance best practices
      1.  
        Understanding Information Governance best practices
    2. Appendix B.  Migrating Information Governance components
      1.  
        Migrating Information Governance components
    3. Appendix C. Backing up and restoring data
      1.  
        Selecting the backup and restore order
      2.  
        Backing up and restoring the Information Governance Management Server
      3.  
        Backing up and restoring the Indexer node
      4.  
        Understanding Information Governance best practices
    4. Appendix D. Arctera Information Governance health checks
      1. About Information Governance health checks
        1.  
          Services checks
        2.  
          Deployment details checks
        3.  
          Generic checks
        4.  
          Information Governance Management Server checks
        5.  
          Information Governance Indexer checks
        6.  
          Information Governance Collector checks
        7.  
          Information Governance Windows File Server checks
        8.  
          Information Governance SharePoint checks
        9.  
          Classification server health checks
        10.  
          Information Governance self service portal server health checks
    5. Appendix E. Command File Reference
      1.  
        fg.exe
      2.  
        indexcli.exe
      3.  
        reportcli.exe
      4.  
        scancli.exe
      5.  
        installcli.exe
    6. Appendix F. Arctera Information Governance jobs
      1.  
        Scheduled Information Governance jobs
    7. Appendix G. Troubleshooting
      1.  
        About general troubleshooting procedures
      2.  
        About the Health Audit report
      3.  
        Location of Information Governance logs
      4.  
        Downloading Information Governance logs
      5.  
        Migrating the data directory to a new location
      6. Troubleshooting FPolicy issues on NetApp devices
        1.  
          Viewing FPolicy-related errors and warnings
        2.  
          Resolving FPolicy connection issues
      7.  
        Troubleshooting EMC Celera or VNX configuration issues
      8.  
        Troubleshooting EMC Isilon configuration issues
      9.  
        Troubleshooting SharePoint configuration issues
      10.  
        Troubleshooting Hitachi NAS configuration issues
      11.  
        Troubleshooting installation of Tesseract software
      12.  
        Troubleshooting RHEL 9 upgrade issue
      13.  
        Troubleshooting CyberArk Password Manager Configuration Issues

Add/Edit EMC Isilon file server options

Table:

Field

Description

Cluster Management Host

Enter the host name for the Isilon cluster. It can be EMC Isilon SmartConnect Cluster name or it can be the DNS resolvable host name of one of the hosts of the cluster.

Note:

The Cluster Management host name is the same host name which is entered during the configuration of audit settings on the Isilon cluster. See Configuring audit settings on EMC Isilon cluster using OneFS GUI console.

Cluster Management Port

Enter the port number on Isilon to be used for discovery.

Note:

This is the port which is part of the URL used to access EMC Isilon OneFS web-based management console.

Collector

Use Collector Pool for Scanning

Do the following:

  1. Click Select Collector.

  2. The Select Collector pop-up displays the configured Collectors that are available for selection.

  3. Review the performance parameters such as disk and CPU utilization and backlog of files accumulating on the configured nodes. You can also view the number of devices, shares or site collections assigned to each configured node. It is recommended that you assign a node on which the resource utilization is low.

  4. Click Select to assign the Collector to the filer.

Information Governance connects to the filer from this server. Arctera recommends that the Collector worker node share a fast network with the filer

Changing the Collector

If you want to change the existing collector, you will lose events during collector migration, impacting the incremental scan. It is recommended that you initiate migration during the maintenance window. Prior to initiating the collector migration, make sure the following conditions are met:

  • There is a low latency network connectivity between the filer and the new collector.

  • There is a low latency network connectivity between the old and the new collector.

  • There is enough storage space on the new collector.

Check the Use Collector Pool for Scanning box if you want to assign a collector pool. The Collector Pool is typically treated as a single logical unit for load balancing, high availability, or scalability purposes. See About Server Pools. for more details.

Enter a number in the Maximum number of shares to scan in parallel field.

Maximum number of shares to scan in parallel is a configuration setting that controls how many file shares (like SMB/CIFS shares) the system scans simultaneously for a specific filer. Higher values can increase scanning speed but may consume more CPU and network bandwidth while lower values reduce resource usage but may slow down scanning. Set this value based on the filer's performance capacity and network conditions.

Indexer

Do the following:

  1. Click Select Indexer.

  2. The Select Indexer pop-up displays the configured indexers that are available for selection.

  3. Review the performance parameters such as disk and CPU utilization and backlog of files accumulating on the configured nodes. It is recommended that you assign a node on which the resource utilization is low.

  4. Click Select to assign the Indexer to the filer.

You can also migrate the file server to another Indexer.

Cluster Management Host Credentials

Select the saved credentials from the drop-down list to access the Cluster Management host.

Test credentials

Click to test the availability of network connection between the Collector worker node and the Isilon cluster.

Discover shares automatically

Check Discover shares automatically box to allow Information Governance to discover the shares on the filer automatically and add them to the configuration.

Note:

If this box is unchecked, Information Governance will not be able to add DFS mapping automatically.

Indicate your preference as to the options that Information Governance should use to discover shares on the Isilon cluster. Select one of the following:

  • Scan & audit shares of all access zones using EMC filer's IP or FQDN.

  • Scan & audit shares of chosen access zones using EMC filer's IP or FQDN.

  • Scan & audit shares of chosen access zones using preferred smart connect zone name and aliases.

Ensure that configured SmartConnect zones/SmartConnect zone aliases are DNS resolvable otherwise scan fails for these shares.

Note:

Support for using SmartConnect to discover shares is available for Isilon OneFS version 8.0 and later.

Ensure that the host name of the access zones, SmartConnect zones, and SmartConnect zone aliases that you want Information Governance to discover are DNS resolvable from the Collector node monitoring the filer.

Note:

When you switch between Access Zone / Smart connect zone / Smart connect zone alias, some shares under the Monitored Shares list may get disabled. After the next discover share job and discovery merge jobs gets executed successfully, Monitored Shares list will be updated according to the selected option.

See Utilizing access zone's SmartConnect Zone/Alias mappings.

Enable CIFS Monitoring

Check the box to monitor CIFS shares.

Enable NFS Monitoring

Check the box to monitor NFS exports on the Isilon cluster.

Select Domain

Select domain from the drop-down.

Access Zones Configuration

If you have enabled Enable file system event monitoring option, shares will be scanned and audited. If you have disabled that option, shares will be scanned only.

Select one of the three radio buttons

  • All access zones using cluster management host: If you select this option, all the shares will be scanned and audited using Cluster Management Host.

  • Chosen access zones using cluster management host: If you select this option, Arctera may exclude or disable few shares. This is applicable only if you are editing the existing devices. For example, if you have 10 access zones having 100 shares and if you choose only 2 access zones with 25 shares, remaining 75 shares will not be scanned or audited. In case of new device, all the shares belonging to the selected access zone will be scanned and audited using Cluster Management Host.

  • Chosen access zones using smart connect zone name or smart connect zone alias: If you select this option, Arctera may be exclude or disable few shares. This is applicable only if you are editing the existing devices. In case of new device, all the shares belonging to the selected access zone will be scanned and audited using respective smart connect zone name or smart connect zone alias.

    Check Configure remaining (unselected) access zones using cluster management host checkbox to scan and audit all shares belonging to unselected access zones using Cluster Management Host

Note:

In case you have upgraded and have existing devices: If you select one of the option, Information Governance will update existing exclude rules and exclude patterns to the new format. If the update fails, you need to manually fix the exclude rules, patterns and then retry.

Delete old DFS mapping and do not create them automatically

If the box is checked, all automatically generated DFS mappings will be deleted and no new mappings will be created. If you uncheck this box, you can add your own DFS mappings manually. These mappings are referred as Custom DFS mappings. Arctera will not delete Custom DFS mappings. In order to delete Custom DFS mappings, you need to select these mappings on the filer's page and delete them individually.

Enable file system event monitoring

Select to enable event monitoring on the filer.

Enable filer scanning

Check the box to enable filer scanning according to the specified schedule.

Scan newly added shares immediately

Select this option to scan newly added shares immediately, instead of waiting for the normal scan schedule. Note that a scan can run only when scanning is permitted on the Collector node.

Scanner credentials

See Credentials required for configuring an EMC Isilon cluster.

Scanning Schedule(Full Scan)

Select one of the following to define a scanning schedule for shares of this filer:

  • Use the Collector's default scanning schedule

  • Use custom schedule

From the drop-down, select the appropriate frequency option.

Warning:

It is recommended that you modify the filer's page of EMC filers (that were added before upgrading to Information Governance 6.4) and choose one of the new radio buttons. Shares may get disabled if more restrictive option is chosen. This is required to support shares with same name belonging to different access zones. You should verify and reconfigure exclude rules, exclude patterns, reports, policies, and workflows as required.

More Information

About migrating storage devices across Indexers

Configuring audit settings on EMC Isilon cluster using OneFS GUI console

Preparing Arctera Insight Information Governance to receive event notifications from an EMC Isilon or Unity VSA cluster

Creating a non-administrator user for an EMC Isilon cluster