Ask the Expert

Security issues and NAS

What security issues arise with a NAS solution?

Requires Free Membership to View

There are several and they depend on the environment you're in. The first (and simplest) is if you use an Ethernet that has other users on it, you could be subject to sniffing or snooping on the network. A NAS device would have the same risks as anything else on the network, including denial of service attacks.

More specific to networked storage are the access controls to the data. Since a NAS is operating as a remote file system and the major advantage is file sharing, controlling the access to the data becomes the major issue. Determination of who has access to data is a combination of administration tasks and software. Typically, an administrator would set up access control lists to identify which users, etc. would have access to the data and then the software on the requesting server is responsible for handling the responses. Windows NT/2000 uses a mechanism called "hard locks" where another access to data that is already being accessed isn't allowed. UNIX systems use "advisory locks" where it's up to the application to not continue the access.

The biggest risk, unfortunately, is in the administration. There's are a lot of requirements here and it's easy to have human error. Obviously, one of the big problems is that the security is not consistently applied in different environments.


This was first published in May 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: