• ready to use and comfortable ZFS storage appliance for iSCSI/FC, NFS and SMB
  • Active Directory support with Snaps as Previous Version
  • user friendly Web-GUI that includes all functions for a sophisticated NAS or SAN appliance.
  • commercial use allowed
  • no capacity limit
  • free download for End-User

  • Individual support and consulting
  • increased GUI performance/ background agents
  • bugfix/ updates/ access to bugfixes
  • extensions like comfortable ACL handling, disk and realtime monitoring or remote replication
  • appliance diskmap, security and tuning (Pro complete)
  • Redistribution/Bundling/setup on customers demand optional
please request a quotation.
Details: Featuresheet.pdf

Encryption Pools Poef

(Pools on lofi encrypted files or devices works on any Solaris based System like Illumian, OmniOS, OpenIndiana or Solaris 11)

  • GUI management of ZFS Folders on AES 256 encrypted files or on encrypted devices
    - Create encrypted folders
    - Lock encrypted folders
    - Unlock encrypted folderes
  • based on AES 256 encrypted files or on a ZFS pool or mounted UFS disk
  • Basic Pools from one large file
  • ZFS Z2 Pools from multiple small files. You can backup these encrypted Pools/files to any disk or cloud provider with ZFS-Z2 datasecurity
  • Encrypted disks are handled like unencrypted disks. You must unlock them after bootup. After unlocking they can be used like regular disks.

How to setup

  • Encrypted pool management is part of napp-it Pro (with home or commercial keys)

Howto create encrypted pools on encrypted files

  • Create a regular dataset example tank/secrets
  • Create a new encrypted pool on this dataset with menu: pools - encrypted pools extension - create pool oef
      - use small devices (example 2 GB) and Raid-Z2 if you want to backup your pools to external disks
      - use one large basic pool if ylofiou just want to provide encrypted pools
  • Use menu : pools - encrypted pools extension - disconnect pool oef to lock/disconnect a pool (or shutdown)
  • Use menu : pools - encrypted pools extension - connect pool oef to reconnect a pool (after lock orpower-on)

Howto backup encrypted pools (filebased)

  • If your encrypted pool is offline/disconnected: Backup the folder with the encrypted files
  • If your pool is online/ in use: do a snap and backup the files from snap (Windows: previous version)
  • If you have build a pool from several files for example as a raid-z2 you are able to backup the encrypted files containing your pool with ZFS Z2 data security.

GUI management of Pools build on encrypted files is included in napp-it Pro.
If you want to encrypt your pools with napp-it free, you can do it via CLI or a shell script:

1. create a 10G file in /tank/secrets (a ZFS dataset)
cd /tank/secrets
mkfile 10g file1

2. create encrypted blockdevices from these file(s) -> creates a device /dev/lofi/1
lofiadm -c aes-256-cbc -a /tank/secrets/file1
Enter passphrase: ..

-repeat for all disks if you want to build a pool from more disks to have redundancy
(important if you want to backup these files on a non-ZFS file system)

3. Create a regular (ex. basic) ZFS pool from this or these (encrypted) device(s)
zpool create secretpool /dev/lofi/1

The newly created pool works like any ZFS pool.

4. To take offline you must export the pool and remove the devices:

zpool export secretpool
lofiadm -d /tank/secrets/file1

5. To take online you must build devices from the files again using the same PW and import the pool
lofiadm -c aes-256-cbc -a /tank/secrets/file1
Enter passphrase: ..

If you use the wrong PW, all seems ok but there are no files...

6. Now you can import your pool from these devices
zpool import -d /dev/lofi shows all available pools

To import the pool, you must use:
zpool import -d /dev/lofi/ secretpool

Only disadvantage may be some lower performance (goes through ZFS twice + encryption).

It is very elegant, easy to implement and simply based on one or more encrypted files.
If you want to backup them, you can just copy them. With small files its not a problem, even on FAT disks
with a max file limit of 2 GB. If you have build redundant ZFS pools from several files (ex Raid-Z2) its even not
a problem if two files get damaged for whatever reason on your backup disk. (encrypted backup with full ZFS data security)

more: fs on solaris 10 tips/Automatic Storage Management/ASM 21.shtml

napp-it 27.12.2023