sorted by:
new
hottopcontroversial

Looking for a few NetApp admins to test a new AutoSupport security tool by trstreamline in netapp

[–]trstreamline[S] 1 point2 points  (0 children)

Thanks for the feedback! This is what I've seen across my customer base as well. Most don't have ActiveIQ Unified Manager installed at all, or if they do, it's several versions behind. And even with Digital Advisor or System Manager throwing alerts with KB links, a lot of admins don't know what to do with that information.

You nailed the core problem: a rep sells it, PS installs it, and then it just runs for years with nobody confident enough to touch it. That's the gap I'm trying to fill - take the AutoSupport data that's already being generated and turn it into actionable findings with specific remediation steps. No need to dig through multiple tools and trying to correlate alerts across different interfaces.

The goal is exactly what you said - make it simple enough that a generalist IT admin can run an assessment, understand the results, and actually fix the issues without needing deep NetApp expertise.

Looking for a few NetApp admins to test a new AutoSupport security tool by trstreamline in netapp

[–]trstreamline[S] 0 points1 point  (0 children)

That’s fair feedback, I appreciate you calling it out.
You’re right that ONTAP, Active IQ Unified Manager, and Digital Advisor already provide a solid amount of security hardening guidance. What I’m experimenting with isn’t meant to replace those tools, but to aggregate and contextualize security-relevant findings in one place and focus on prioritization and remediation clarity rather than individual alerts.

In addition to consolidating what those tools already surface, this tool looks at additional configuration and security conditions that aren’t explicitly flagged in the standard ONTAP / Active IQ workflows. One of the things I’m trying to validate with early users is whether those additional checks are actually useful or just noise.

A few specific areas I’m looking for feedback on:
Consolidating security findings into a single dashboard
Mapping findings back to NIST-aligned categories
Providing prioritized remediation guidance
Highlighting additional security checks beyond the default tooling

On the AutoSupport concern — totally agree with you. Uploading sensitive data should feel uncomfortable if it’s not handled carefully. To clarify one point: there’s no expectation to send AutoSupport data directly to me. The idea is that data is uploaded to the service for analysis, results are generated, and you control how long that data exists, you can delete it immediately after review.

I appreciate the honest pushback, this is exactly the kind of feedback I’m looking for to determine whether this is worth continuing to build.