Data Compliance: Guilty Until Proven Tamperproof

The answer to a barrage of laws and regulations requiring IT to store data for increasing periods of time? CAS and locked NAS.

Howard Marks, Network Computing Blogger

February 21, 2008

2 Min Read


For all its sexiness, CAS is a complicated solution to the problem of preventing users and admins from deleting or modifying files. Several vendors, including Network Appliance through its optional SnapLock for filers running OnTap and Sun's StorageTek division through its StorEdge Compliance Archiving software, have added software-managed WORM to their NAS appliances. Organizations can use the same NAS architectures, even the same appliances, as their primary file stores and still have a WORM archive. One system for backup, replication, and management saves money and complexity.

Locked NAS is also easy on your developers. Rather than having to integrate a new XML-based API, they can simply write to the locked NAS via CIFS or NFS. Data-retention periods can be defined on a folder-by-folder, or even a file-by-file, basis by setting the "file last accessed" time attribute to the end of the retention period and then flagging the file as read only.

Now that Network Appliance has rolled out its proprietary Advanced Single Instance Storage (A-SIS) subfile data deduplication technology, a NetApp filer running SnapLock can one-up the CAS vendor's single-instance storage, eliminating not just duplicate files but also duplicate data within files, ensuring that those five corporate positioning slides that appear in almost every PowerPoint presentation will be stored only once.

Compared with CAS, locked NAS does lack a mechanism for storing metadata about objects. How big a problem that is depends on how good your archiving software is. CAS systems provide an XML interface for storing file metadata, but organizations selecting locked NAS as their compliance stores will need to look to their archiving software or enterprise content management systems as a metadata store.

THE REPORT: Managing Enterprise Storage

Thin provisioning, data dedupe, and compression are vital, but you also need storage management

See all our reports at

Continue to the sidebar:
Send It Out: The Resurgence Of Storage As A Service

Read more about:


About the Author(s)

Howard Marks

Network Computing Blogger

Howard Marks is founder and chief scientist at Deepstorage LLC, a storage consultancy and independent test lab based in Santa Fe, N.M. and concentrating on storage and data center networking. In more than 25 years of consulting, Marks has designed and implemented storage systems, networks, management systems and Internet strategies at organizations including American Express, J.P. Morgan, Borden Foods, U.S. Tobacco, BBDO Worldwide, Foxwoods Resort Casino and the State University of New York at Purchase. The testing at DeepStorage Labs is informed by that real world experience.

He has been a frequent contributor to Network Computing and InformationWeek since 1999 and a speaker at industry conferences including Comnet, PC Expo, Interop and Microsoft's TechEd since 1990. He is the author of Networking Windows and co-author of Windows NT Unleashed (Sams).

He is co-host, with Ray Lucchesi of the monthly Greybeards on Storage podcast where the voices of experience discuss the latest issues in the storage world with industry leaders.  You can find the podcast at:

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights