The IP SAN has arrived. iSCSI enables shared, centralized storage over commodity hardware and protocols. Instead of struggling to deploy an expensive and confusing Fibre Channel (FC) SAN, more businesses are going with iSCSI-based Ethernet SANs, especially in the price-conscious Windows and Linux markets.
But not everyone is happy about IP-based storage. Most potential users welcome the low price of iSCSI, but question its use for critical applications. "There are three things IP storage users worry about: speed, persistence and security," says Zophar Sante, vice president of marketing development at Sanrad Ltd., an iSCSI vendor in Menlo Park, CA. "Security is everybody's worst fear, and it's the hardest to address."
The cause for concern is understandable. Even non-IT people worry about the security of public networks. Everyone knows the dangers of viruses and Trojan horses, and has heard stories about denial of service attacks that have crippled Internet resources. So it's not surprising many people believe these vulnerabilities are somehow related to the IP protocol.
However, IP storage is no less secure than FC, and may actually be more secure (see Myths of Fibre Channel security). "If you trust your [IP] network with your data, why not trust it for storage?" asks Eric Schott, director of product management at EqualLogic Inc., Nashua, NH. There's a grain of truth here: People trust IP and Ethernet for almost every aspect of connectivity, and have developed strong methods to make those networks secure.
In fact, the largest companies currently trust FC for their critical storage connectivity, even though little attention is paid to securing that network.
Because it's based on IP and Ethernet, iSCSI has the potential to connect every server in every data center to centralized storage for the first time. The downside is that hackers know that a single network outage could affect every connected system. And as iSCSI becomes more ubiquitous, it becomes a bigger target for attacks.
