I am a risk consultant and have been asked to conduct a threat and risk assessment and analysis on a backup regime...
for a SAN. As this is the first one for me, I am wondering if you could assist me in outlining the risk areas associated with the use of FCP and its use for remote backups. I have researched this and keep getting confused as to the issues using TCP/IP over the Internet and what levels of protection/devices can be placed over the SAN to alleviate any risks.
Any advice would be very worthwhile.
If your moving data to a remote site over optical fiber, then the cables themselves are fairly secure since it's quite hard to tap optical cables without anyone not knowing about it.
For remote backup using TCP/IP, you can use compression on either end to somewhat scramble the data or you could use iFCP-based SAN extenders which will allow you to use any security measures that are available for TCP/IP. If it were my data though, I would use an encryption engine on both sides of the pipe just to be certain. This could either be an appliance or a software solution.
Since you are moving data to a remote location, zoning in the SAN will not help you. You need to focus on the TCP/IP portion. Have your customer use dedicated leased lines, use encryption and use optical connections if you can afford it.
Editor's note: Do you agree with this expert's response? If you have more to share, post it in one of our .bphAaR2qhqA^0@/searchstorage>discussion forums.
Dig Deeper on Fibre Channel (FC) SAN
Related Q&A from Christopher Poelker
RAID can allow for better storage performance and higher availability, and there are many different RAID types. Read a comparison of RAID levels, as ...continue reading
SAN expert Chris Poelker compares connecting a SAN with wavelength cabling and dark fiber and discusses the pros and cons of each.continue reading
SAN expert Chris Poelker discusses how to change the size of a LUN in a Microsoft cluster server environment.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.