Can a SAN or NAS environment really be hacked if it's behind a firewall?


Storage security information
Why and how your storage environment will be attacked

Five must-have storage security testing tools

Protect your data from hidden threats
Absolutely. Many people think that as long as their SAN or NAS is behind a firewall then everything is protected -- this is a myth of network security. Most storage environments span across multiple networks, both private and public.

Storage devices are serving up multiple network segments and creating a virtual bridge that basically negates any sort of firewall put in place. This can provide a conduit into the storage environment, especially when a system is attacked and taken control of in the DMZ or public segment. The storage back end can then be fully accessible to the attacker because there is a path for the attack.

Don't assume that your systems are automatically protected. The only way to know for sure is to test for these vulnerabilities using good tools and ethical hacking techniques.

Listen to the Storage Security FAQ audiocast here.

Go to the beginning of the Storage Security FAQ Guide.

14 Mar 2007