It depends on what they want to do with the NAS; what their server and storage environment looks like; what applications...
will be using the NAS; what performance and capacity will be required; and how many servers will be accessing the NAS. It depends on their DR, business continuity and compliance requirements; whether the NAS is centralized or distributed; growth and growth strategies; and whether the NAS is an integrated system or a NAS head attached to a SAN. It also depends on organizational management strategy, skills and personnel; what level of service is required upfront, upon implementation and ongoing. And it depends on the incumbent storage vendor and satisfaction with that vendor; the vendor limitation policies of the organization; and which vendors have organization "favor" and which ones don't.
In summary, it depends, it depends and it depends. Mostly, it depends on common sense. Unfortunately, as Voltaire once said, "common sense is not so common." The answer will inevitably vary among end users. So, instead of recommending a vendor or product, I am suggesting a common sense process:
- Determine both the tactical (urgent) NAS requirements and organizational strategic (important) constraints
- NAS head using pooled SAN assets
- NAS system supplying its own block-storage capacity
- NAS and SAN combination for different applications
- Make sure the infrastructure topology is capable of handling the requirements. NAS can overwhelm an existing LAN environment if there are large data transfer requirements. If that is the case, plan on scaling the LAN capacity to meet the NAS needs.
- Understand what the users, applications and administrators really require. Many NAS features have no real value proposition other than distinguishing vendors from one another.
- Feature function, beyond what is required for the life of the storage, must (I repeat MUST) have a quantifiable value proposition to the organization. This means the benefits outweigh the costs. Always specify the results and NOT the method in achieving those results. This will force vendors to be creative in meeting your needs.
- Be unambiguous on how and what must work with the organization's network management system. This may include HP OpenView, SNMP, SMI-S, Java, HTTP, HTTPS or XML. If no management system interoperability is required, make sure the native management meets the skills and requirements of the organization.
- Performance requirements must be clearly articulated from all involved with using or supporting the NAS.
- A capacity planning exercise should be performed to calculate the scalability requirements on both capacity and performance.
- Establish the level of RAID protection (if any) required, as well as the OS file protocols such as CIFS (Windows systems,) NFS (Unix and Linux systems), NCP (Novell NetWare systems) and AFP (Apple talk for older Apple systems.)
- Clarify what type of DR and/or business continuity planning is required and at what performance by the NAS system.
- If block-storage connection is required, determine whether FC is required (performance) or iSCSI will suffice. The iSCSI will run on the same fabric as the NAS itself and have a much lower cost.
- Verify the organizational vendor requirements (politically, contractually, support, etc.)
Identify all service requirements for implementation and support. Make sure all costs are unmistakably identified in all vendors' proposals.
Don't get hung up on the latest greatest technology trends such as global name space, clustering, WAFS or file virtualization. All technology is a means to accomplish an end. All that matters is that your needs are met within your technology, budget and political restraints. And, that your tactical and strategic requirements are met. If the technology doesn't meet those requirements, then it is worthless to you.
Although this is a common sense approach, it also requires plain old-fashioned planning. The alternative is just putting your fate in the hands of your favorite trusted vendor. If you choose this path, remember the immortal words of former president Ronald Reagan, "trust, but verify."