Q

Security issues and NAS

What security issues arise with a NAS solution?

There are several and they depend on the environment you're in. The first (and simplest) is if you use an Ethernet that has other users on it, you could be subject to sniffing or snooping on the network. A NAS device would have the same risks as anything else on the network, including denial of service attacks.

More specific to networked storage are the access controls to the data. Since a NAS is operating as a remote file system and the major advantage is file sharing, controlling the access to the data becomes the major issue. Determination of who has access to data is a combination of administration tasks and software. Typically, an administrator would set up access control lists to identify which users, etc. would have access to the data and then the software on the requesting server is responsible for handling the responses. Windows NT/2000 uses a mechanism called "hard locks" where another access to data that is already being accessed isn't allowed. UNIX systems use "advisory locks" where it's up to the application to not continue the access.

The biggest risk, unfortunately, is in the administration. There's are a lot of requirements here and it's easy to have human error. Obviously, one of the big problems is that the security is not consistently applied in different environments.


This was first published in May 2001

Dig deeper on NAS management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSolidStateStorage

SearchVirtualStorage

SearchCloudStorage

SearchDisasterRecovery

SearchDataBackup

Close