NOTE: This topic is part of the Uptime Information Hub.
Are you an EMC Isilon systems administrator? Have you recently installed a third-party security update or encountered other issues related to your Isilon cluster that resulted in data unavailability or data loss? If you had been monitoring EMC Isilon technical advisories (ETAs), you probably could have avoided service disruptions and data integrity issues.
ETAs alert you to potential hardware or software issues that could cause serious negative impacts to your production environment, such as data loss, data unavailability, loss of system functionality, or anything that could result in significant safety risks. ETAs include specific details about issues, and instructions to prevent or alleviate the problem.
Why keeping up with ETAs is important
EMC publishes and alerts you to technical advisories immediately upon discovery and analysis, so that you can stay informed on issues that could have a high impact on your Isilon cluster.
We are aware that EMC issues quite a few email messages, including:
- EMC Security Advisories
- End of Service Life Notifications (hardware and software)
- Customer Advisory Letters
- EMC Technical Advisories
- Product Updates
and that you may feel inundated by them. They are easy to ignore. However, it is vital that you track EMC technical advisories on a regular basis for issues that might affect your cluster. In particular, you should pay close attention to advisories with impact severity ratings of critical. Ignoring these alerts could lead to data unavailability or data loss on your production cluster.
Example of a high-impact ETA
ETA 199379, issued on March 12, 2015, and updated on July 20, 2015, is an example of a critical (potential data unavailable) technical advisory regarding Microsoft security bulletins MS15-027 and MS15-071. In some cases, customer network servers were configured to auto-install the Microsoft updates. If that happened, then the issue described in this ETA would be exposed and data unavailable or data loss could have occurred. On the initial release of the Microsoft security bulletin, the Isilon fix needed to be applied before the Microsoft update was applied. If the reverse happened, customers were impacted, and therefore the timing was critical.
- These security advisories were issued by Microsoft on March 10, 2015 and July 14, 2015, respectively.
- An Isilon ETA was published on March 12, 2015 and updated on July 20, 2015. The final update added details about Microsoft Security Bulletin MS15-071, which caused the same issue. The patches Isilon issued were applicable to both bulletins.
- Isilon resolved this issue in OneFS 7.1.14 and OneFS 220.127.116.11.
- Isilon issued patches to address both Microsoft security bulletins on all other OneFS versions. For more information about these patches, see ETA 199379.
Summary of ETA 199379
If Microsoft security updates MS15-027 or MS15-071 were installed on an Active Directory server that authenticated SMB clients that were accessing an Isilon cluster, and if the server used the NTLMSSP challenge-response protocol, the SMB clients could not be authenticated. As a result, SMB clients could not access data on the cluster. Authentication failures might have also affected clients that attempted to access data through HTTP-based protocols, such as the Representational State Transfer (REST) API.
Keep up with the latest ETAs by:
- Subscribing to ETA notifications on the Isilon OneFS Support page (requires a login to EMC Customer Support). To learn how to set up ETA e-mail alerts, you can watch this video: How to Set Up an Email Event Notification in OneFS.
- Following the Uptime Info Hub's page ETAs in effect for OneFS.
- Reviewing the Current OneFS Patches document to learn more about current patches that relate to ETAs.
- Checking the ETAs and ESAs sections of the OneFS Release Notes.
If you have feedback or questions about ETAs, post your comments below.