Over 70% of attacks originate within the enterprise. In a non-storage environment, system firewalls or personal firewalls are becoming popular and can be deployed even if the organization has perimeter security. They act as a second layer of defense/protection.
Does a similar solution make sense for SANs?
The use of a firewall is to prevent attacks from outside the firewall perimeter. In effect, a firewall protects unauthorized traffic from entering through the Internet access. So, a firewall does not prevent attacks from inside.
To prevent inside attacks, enterprises should define and enforce sound security policies including confidentiality, data integrity and especially access control policies.
For SANs, the above comments apply. So, to prevent internal attacks on SANs, the answer is to define and enforce sound security policies.
Editor's note: Do you agree with this expert's response? If you have more to share, post it in one of our .bphAaR2qhqA^0@/searchstorage>discussion forums.
This was first published in April 2002