Connecting

For Windows Network Drives, the app will require a hostname, username, domain (if non default), password, sharename, and optionally, the path to a folder on the file share (if you do not want to scan the whole drive). If you obtain a connection string for this, we will be able to ascertain all the necessary information from it. There are several different syntaxes that these connection strings can use, but they typically look something like this: 

smb://[[domain;]username[:password]@]server/share/path

Note: We typically advise that you create a new, separate account specifically for the Data X-Ray on your Windows Network Drives that has read-only access to the whole or parts of the database that you would like scanned.

Please ensure that any firewall or NAT that is running on the network will allow the Data X-Ray to connect on the necessary port. The default ports typically necessary for SMB are 137 and 138 on UDP, and 139 and 445 for TCP.

SMB access happens programmatically through our server application and our code uses the open source SMBJ library that uses the SMB 2 and 3 protocols. Our application will essentially be acting as client to whatever SMB-enabled server share you have. Inside the application, when adding a new datasource to scan, the Data X-Ray will prompt the user to add in credentials (IP address, port (if not default), share name, workgroup, username and password). The credentials will be encrypted and stored in the application database that also runs on the machine. 

For reference, here is the connection screen for network drives:

Alternate: Direct connection to mounted drive via filesystem

Alternatively, we can manually connect to folders that are mounted directly to the file system that the server is running on. If this is a better solution for your infrastructure, please let Ohalo know.

Scanning architecture

Even if account you provide for the Data X-Ray has access to a very high level division of the drive/server, or even the root of the drive/server, typically you will not want to scan an entire drive at one time as these drives can sometimes contain millions of files (most of which may not even be relevant) and it gets increasingly difficult to analyse and take remediative action in very large drives. Additionally, larger drives naturally take longer to scan, so the ability to iterate quickly is sacrificed when scanning very large drives.

In order to make the Data X-Ray most effective for your organisation, Ohalo has developed a best practice of first thinking about what your organisation looks like. Many organisations organize drive structures along natural organisational boundaries like teams and divisions or perhaps products and clients. Ohalo typically recommends mirroring this architecture when connecting network drives by simply connecting multiple subfolders within the same drive by including the subfolder in the sharename box above.

Did this answer your question?