Skip to main content
Data Infrastructure Insights

ONTAP Essentials

Contributors netapp-alavoie

ONTAP Essentials is a set of dashboards and workflows that provide detailed overviews of your ONTAP inventories and workloads. You may see the following terms used when working in ONTAP Essentials:

  • Infrastructure/Inventory: Objects that provide storage/networking services to user data

  • Workloads: Objects that provide interface to users to read/write data.

  • Data Protection: Objects that can be protected using NetApp data protection technologies

For additional terms and definitions related to ONTAP, see the ONTAP Data Collector documentation.

ONTAP Essentials requires at least one working ONTAP data collector with data collected within the last seven days.

Overview

To begin exploring, select ONTAP Essentials from the main Data Infrastructure Insights menu.

Overview dashboard for ONTAP Essentials

The Overview dashboard displays useful information like the number of clusters on your tenant with their overall capacity and performance percentages. You will also see predictive data regarding the number of expected days until storage capacity or performance capacity runs out of space. Additionally, if any controllers in your infrastructure are running with their CPU at more than 65%--potentially putting your cluster at risk in case of failover—​ONTAP Essentials shows those as "Hot" controllers.

Informative graphs give you a look into performance over time as well as breakdowns of capacity usage. Each of these graphs or data points can be used as a starting point for exploration or investigation.

Note: A "days to full" number of "0" (zero) indicates that days to full is estimated at greater than 90 days. In other words, your systems aren't in danger of running out of space any time soon.

Data Protection

The Data Protection page shows the status of volumes protected by Snapshot copies or SnapMirror policies.

In the Local Protection Overview section, the charts provide the following information for volumes protected by Snapshot copies:

  • The number of volumes protected by Snapshot copies, as well as those not protected.

  • The number of volumes that are using or exceeding the reserve space for the Snapshot copies.

  • The number of volumes in specific ranges of Snapshot copy count (i.e. less than 10 copies, 10 to 200, etc.).

In the Remote Protection Overview section, the charts provide information related to volumes protected by SnapMirror policies:

  • The number of healthy and unhealthy SnapMirror relationships.

  • The number of SnapMirror relationships experiencing recovery point objective (RPO) lag based on the lag status.

  • The number of relationships protected by SnapMirror volume protection types such as Volume SnapMirror, SVMDR relationships, FlexGroup SnapMirror relationships, SnapMirror Business Continuity (SMBC) consistency Group relationships, as well as unprotected volumes.

  • The number of relationships protected by the SnapMirror relationship types such as Asynchronous Mirror, Asynchronous Vault, Asynchronous MirrorVault, StrictSync, and Sync.

Data Protection Dashboard widgets showing Local and Remote overviews

The Clusters grid at the bottom of the page provides details related to the following:

  • Volumes not protected by Snapshots.

  • Volumes breaching snapshot reserve space.

  • Volumes not protected by snapmirror policies and snapmirror relationships experiencing lag.

  • Unhealthy SnapMirror relationships.

Data Protection Cluster List

Security

The Security Dashboard gives you an instant view of your current security situation, showing charts for hardware and software volume encryption, anti-ransomware status, and cluster authentication methods. Security criteria is evaluated based on recommendations defined in the NetApp Security Hardening Guide for ONTAP 9.

Select any of the encryption or anti-ransomware counts to dive into your environment.

ONTAP Essentials Security Dashboard

The ONTAP Essentials Security dashboard monitors your environment to determine cluster compliance status. Refer to the Cluster Compliance Categories to learn more. ONTAP Essentials uses the following monitors to determine compliance:

Monitor Name Attribute Name (Displayed in Cluster Details) Attribute Compliant Value

FIPS Mode Disabled

FIPS mode

Enabled

Cluster Insecure ciphers for SSH

Secure SSH Settings

Yes

Telnet Protocol Enabled

Telnet

Disabled

Remote Shell Enabled

Remote Shell

Disabled

Default Local Admin User Enabled

Default Admin User

Disabled

MD5 Hashed password

MD5 in use

No

Cluster Peer Communication Not Encrypted

Cluster Peering

Encrypted/ No Peer

AutoSupport HTTPS Transport Disabled

AutoSupport using HTTPS

Yes

No NTP Servers are Configured

Network Time Protocol

Configured

NTP Server Count is Low

Network Time Protocol

Configured

Cluster Login Banner Disabled

Login Banner

Enabled

Log Forwarding Not Encrypted

Log Forwarding Encrypted

Yes

Note that if a monitor above is disabled, the cluster details will show the value as ‘Not checked’ for the corresponding security compliance attribute.

Cluster Compliance Status

For SVMs, the Security dashboard looks at the following monitors:

Monitor Name Attribute Name (Displayed in Storage VM Settings) Attribute Compliant Value

Storage VM Insecure ciphers for SSH

Secure SSH Settings

Yes

Storage VM Login banner disabled

Login Banner

Enabled

Storage VM Audit Log Disabled

Audit Log

Enabled

In the cluster list, select View Details for each cluster to open a "slideout" panel showing you the current settings for Cluster, Storage VM, or Anti-Ransomware.

Cluster details include connection status, certificate information, and more:
Cluster Detail Slideout Panel

Storage VM details show audit and SSH information:
Storage tab

Anti-Ransomware details show whether a storage VM is protected by ONTAP's Anti-Ransomware Protection or Data Infrastructure Insights Workload Security. Note that the ONTAP ARP column displays the current status of ONTAP's on-board Anti-Ransomware Protection, which is configured on the ONTAP system. Data Infrastructure Insights Workload Security can be enabled by selecting "Protect" in that column.
Anti-Ransomware tab

Alerts

Here you can view the Active alerts on your tenant and quickly drill down into potential problems. Select the Resolved tab to view alerts that have been resolved.

ONTAP Essentials Alerts List

Infrastructure

The ONTAP Essentials Infrastructure page gives you a view of cluster health and performance, using pre-built (yet further customizable) queries on all the basic ONTAP objects. Select the object type you wish to explore (cluster, storage pool, etc.) and choose whether to view health or performance information. Set filters to dive deeper into individual systems.

Infrastructure selections for storage pools

Infrastructure page showing cluster health:
Infrastructure objects to explore

Networking

ONTAP Essentials Networking gives you views into your FC, NVME FC, Ethernet, and iSCSI infrastructure. On these pages you can explore things like ports in your clusters and their nodes.

ONTAP Essentials Networking Menu
ONTAP Essentials Networking FC page showing ports into cluster nodes

Workloads

View and explore workloads on LUNs/Volumes, NFS or SMB Shares, or Qtrees on your tenant.

Workloads Menu

Workloads list page