Getting started with Cloud Data Sense for Azure NetApp Files
Complete a few steps to get started with Cloud Data Sense for Azure NetApp Files.
Quick start
Get started quickly by following these steps, or scroll down to the remaining sections for full details.

Before you can scan Azure NetApp Files volumes, Cloud Manager must be set up to discover the configuration.

Deploy Cloud Data Sense in Cloud Manager if there isn’t already an instance deployed.

Click Compliance, select the Configuration tab, and activate compliance scans for volumes in specific working environments.

Now that Cloud Data Sense is enabled, ensure that it can access all volumes.
-
The Cloud Data Sense instance needs a network connection to each Azure NetApp Files subnet.
-
Make sure these ports are open to the Data Sense instance:
-
For NFS – ports 111 and 2049.
-
For CIFS – ports 139 and 445.
-
-
NFS volume export policies must allow access from the Data Sense instance.
-
Data Sense needs Active Directory credentials to scan CIFS volumes.
Click Compliance > Configuration > Edit CIFS Credentials and provide the credentials.

Select or deselect the volumes that you want to scan and Cloud Data Sense will start or stop scanning them.
Discovering the Azure NetApp Files system that you want to scan
If the Azure NetApp Files system you want to scan is not already in Cloud Manager as a working environment, you can add it to the canvas at this time.
Deploying the Cloud Data Sense instance
Deploy Cloud Data Sense if there isn’t already an instance deployed.
Data Sense must be deployed in the cloud when scanning Azure NetApp Files volumes, and it must be deployed in the same region as the volumes you wish to scan.
Note: Deploying Cloud Data Sense in an on-premises location is not currently supported when scanning Azure NetApp Files volumes.
Upgrades to Data Sense software is automated as long as the instance has internet connectivity.
Enabling Cloud Data Sense in your working environments
You can enable Cloud Data Sense on your Azure NetApp Files volumes.
-
At the top of Cloud Manager, click Data Sense and then select the Configuration tab.
-
Select how you want to scan the volumes in each working environment. Learn about mapping and classification scans:
-
To map all volumes, click Map all Volumes.
-
To map and classify all volumes, click Map & Classify all Volumes.
-
To customize scanning for each volume, click Or select scanning type for each volume, and then choose the volumes you want to map and/or classify.
See Enabling and disabling compliance scans on volumes for details.
-
-
In the confirmation dialog box, click Approve to have Data Sense start scanning your volumes.
Cloud Data Sense starts scanning the volumes you selected in the working environment. Results will be available in the Compliance dashboard as soon as Cloud Data Sense finishes the initial scans. The time that it takes depends on the amount of data—it could be a few minutes or hours.
Verifying that Cloud Data Sense has access to volumes
Make sure that Cloud Data Sense can access volumes by checking your networking, security groups, and export policies. You’ll need to provide Data Sense with CIFS credentials so it can access CIFS volumes.
-
Make sure that there’s a network connection between the Cloud Data Sense instance and each network that includes volumes for Azure NetApp Files.
For Azure NetApp Files, Cloud Data Sense can only scan volumes that are in the same region as Cloud Manager. -
Ensure the following ports are open to the Data Sense instance:
-
For NFS – ports 111 and 2049.
-
For CIFS – ports 139 and 445.
-
-
Ensure that NFS volume export policies include the IP address of the Data Sense instance so it can access the data on each volume.
-
If you use CIFS, provide Data Sense with Active Directory credentials so it can scan CIFS volumes.
-
At the top of Cloud Manager, click Data Sense.
-
Click the Configuration tab.
-
For each working environment, click Edit CIFS Credentials and enter the user name and password that Data Sense needs to access CIFS volumes on the system.
The credentials can be read-only, but providing admin credentials ensures that Data Sense can read any data that requires elevated permissions. The credentials are stored on the Cloud Data Sense instance.
After you enter the credentials, you should see a message that all CIFS volumes were authenticated successfully.
-
-
On the Configuration page, click View Details to review the status for each CIFS and NFS volume and correct any errors.
For example, the following image shows four volumes; one of which Cloud Data Sense can’t scan due to network connectivity issues between the Data Sense instance and the volume.
Enabling and disabling compliance scans on volumes
You can start or stop mapping-only scans, or mapping and classification scans, in a working environment at any time from the Configuration page. You can also change from mapping-only scans to mapping and classification scans, and vice-versa. We recommend that you scan all volumes.
To: | Do this: |
---|---|
Enable mapping-only scans on a volume |
In the volume area, click Map |
Enable full scanning on a volume |
In the volume area, click Map & Classify |
Disable scanning on a volume |
In the volume area, click Off |
Enable mapping-only scans on all volumes |
In the heading area, click Map |
Enable full scanning on all volumes |
In the heading area, click Map & Classify |
Disable scanning on all volumes |
In the heading area, click Off |
|
New volumes added to the working environment are automatically scanned only when you have set the Map or Map & Classify setting in the heading area. When set to Custom or Off in the heading area, you’ll need to activate mapping and/or full scanning on each new volume you add in the working environment. |