Networked storage including Fibre Channel or iSCSI block-based storage area networks (SAN) can provide benefits of shared storage utilization, access of storage over distance and possible management efficiencies compared to traditional DAS. With the benefits of networked storage, including SAN and NAS, also come increased risk and security issues. Both NAS (NFS and CIFS) along with Fibre Channel and iSCSI SANs have various security capabilities with additional layered 3rd party products.
For example, Fibre Channel supports isolation of ports and devices in a fabric using hard or soft zoning-based on ports or worldwide name (WWN). Other capabilities include port blocks and prohibits; volume and LUN mapping and masking along with authentication and authorization tools. Additional security can be provided using encryption technology for data in flight between servers and storage or between storage devices for remote replication as well for encrypting data at rest on disk and tape.
This was first published in January 2007