With encryption all the rage in SANs and NAS with few standards to govern them, how can I ensure the products I purchase from different vendors will be interoperable?
This is a complex issue but I'll try to sort it out in different pieces.
As a basic step, the encryption algorithms need to match to ensure that a message encrypted at one end can be decrypted at the other end. However, that is not enough. There is a need for a protocol to exchange the security information. There are several protocols and most common are IPSec and SSL. While SSL has had good success, IPSec interoperability has been a challenge due to its complexity and a broad array of options. Many customers still simply use a single vendor to avoid the interoperability issues!!
To go back to your specific question on storage security, there is a need to ensure that products will interoperate so that customers can mix and match. The standards are not completely defined but the direction is towards using IPSec ESP for encrypting traffic.
Editor's note: Do you agree with this expert's response? If you have more to share, post it in one of our .bphAaR2qhqA^0@/searchstorage>discussion forums.
This was first published in January 2003