A good design must consider the security of a SAN network from multiple views. Since
a SAN network links servers to storage device and servers to nodes through internet It brings high security risk too when all data can be accessed directly from so many nodes.
According to Zhang Xiao and Li Zhanhuai, There are four types of security issues related to the security of data that need to be addressed before designing SAN.
1 Physical security issue
2 Security issue in transition
3 Access control issue
4 Manage console issue
1 Planning for physical security:
There can be two physical security problems in a SAN.
â€¢ Data can be stolen
â€¢ Data can be lost or destroyed by natural disaster
Firstly during planning and designing we must ensure the physical security of storage space, we must ensure if the disk array will be safe, the data on it should be unreadable.
Secondly we should plan from recovering data from backup Media if in case data is lost or stolen. This requires that arrangement of daily back up plan. The most conventional backup media is tape.
2 Panning for Security in Transition:
When data transmits in the network, the data maybe sniffed or modified in the process of transition. Two methods can be applied to secure the data during transition
â€¢ Using encryption: IP SAN is based on TCP/IP network, so Data can be encrypted using either symmetric encryption (two same key) or asymmetric encryption (public and private key).Symmetric encryption such as DES and Triple DES can be used where only sender and receiver will have the key so no one can read the message which ensures confidentiality, integrity and Authentication. Non-symmetric encryption such as PKI, RSA and Diffie Hanman key exchange can be used between sender and receiver which are now used as standard method for data transmission.
â€¢ Using protocol: FC-SP protocols are used to implement security in a Fiber Channel .Protocols to authenticate Fiber Channel entities, protocols to set up secret keys, protocols to negotiate the parameters required to ensure frame-by-frame integrity and confidentiality, and protocols to establish and distribute policies across a Fiber Channel fabric. An Authentication process such DHCHAP Protocol, FCAP Protocol, FCPAP Protocol happens between sender and receiver.
3 Planning for Access Control
In SAN environment, since every host connects with every storage device setting access privilege can prevent uncontrolled access. There are three types of access privilege setting method.
â€¢ Zone technology specifies which servers can access which storage. Elements of the same zone can communicate with each other, but they can’t communicate with the storage or other device out of the zone. There are two kinds of zone, hard zone and soft zone. Hard zone is defined at the switch level, it defines ports into one zone. Soft zone is based on World Wide Names. Soft zone is easy to change the configuration or connection method.
â€¢ Planning for LUN masking, in SAN environments, the elements in storage device are assigned several LUN to identify the logical unit that host can access. In LUN masking, if the LUN haven’t assigned to the host, then the device element is invisible to the host. And volumes in one disk array can be divided into several zones by LUN.
â€¢ IP SAN use switch as normal TCP/IP network, so it implement zone in other ways. There are two methods to specify access privileges. One is controller access control lists(ACL) and another is iSNS (Intamet Storage Name Service). Controller ACL specify a list of server are allowed access to the volume in each iSCSI volume. It use standard iSCSI discovery session mechanism to make the volume is invisible to the server out of the list. The iSNS is a protocol of TCP/IP protocol suite implemented in application layer. This protocol is designed to facilitate the automated discovery, management, and configuration of discs.
4 Planning for Security of Manage Console
All the security setting or policy are set on the manage console, so if anyone gain the access control of manage console, they will get what they want by changing the setting. So it is as important as protecting storage device. The security of manage console is mainly based on the OS. Following method can be used to protect security of manage console.
â€¢ Strong authentication
â€¢ Strict accounting and audit requirements
â€¢ Intrusion detection system