I've heard you have to worry more about security with network-attached storage (NAS) vs. storage area network (SAN). Why? And, is there anything you can do to ensure NAS security?
NAS is not necessarily less secure than a SAN; NAS security is just done differently. With a SAN, you are getting volumes (or LUNs) served up to operating systems for usage. Those LUNs can have file systems on them or databases or some other direct usage. The security is at the SAN level, controlling the access to the LUN, and at the server operating system (and application) level, controlling the users who have access to the data.
For NAS security, the file system (or file systems) are on the NAS device and the access to the file system and the files within the file system is controlled by the privileges that are assigned (typically called access control lists). If the privileges are set up correctly (either manually or through system control such as Active Directory), users that are not authorized are denied access.
Dig Deeper on Primary storage devices
Related Q&A from Randy Kerns
Compare SAN and NAS, and find out what to consider when using each storage system format. Object storage and the cloud are also affecting the storage... Continue Reading
Logical unit numbers are a logical abstraction between a physical disk device and applications. Learn more about LUN use cases and LUN security ... Continue Reading
What is the one hidden gotcha that you'd advise users about if they were shopping for an all-flash storage array? Continue Reading