Your SlideShare is downloading. ×
0
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Storage Area Network (San)
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Storage Area Network (San)

9,299

Published on

A brief study on Storage Area Network (SAN), SAN architecture & its importance. It focuses on the techniques and the technologies that have evolved around SAN & its Security.

A brief study on Storage Area Network (SAN), SAN architecture & its importance. It focuses on the techniques and the technologies that have evolved around SAN & its Security.

Published in: Technology
2 Comments
26 Likes
Statistics
Notes
  • why your ppt is not dallow download????????????????
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • awesome ppt but why u r not allowing to download mahn
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
9,299
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
2
Likes
26
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Transcript

    • 1. STORAGE AREA NETWORK (SAN) & SECURITY Presented By Santhosh Kumar.M 07030242024
    • 2. Agenda <ul><li>Introduction </li></ul><ul><li>SAN Architecture </li></ul><ul><li>Fibre Channel &amp; IP SAN </li></ul><ul><li>SAN Security </li></ul><ul><li>IP SAN &amp; Fibre Channel Security </li></ul><ul><li>SAN Standards &amp; Organization </li></ul><ul><li>SAN Best Practices &amp; Checklist </li></ul><ul><li>Conclusion </li></ul>
    • 3. Enterprise Data Storage Growth <ul><li>30% annual growth </li></ul><ul><ul><li>Last 3 years </li></ul></ul><ul><ul><li>$5.3 billion market by 2005 </li></ul></ul><ul><li>Largest component of hardware budget </li></ul><ul><ul><li>18% of total I.T. budget </li></ul></ul><ul><ul><li>60% of hardware budget </li></ul></ul><ul><ul><ul><ul><ul><li>Separate LAN/SAN spending strategies </li></ul></ul></ul></ul></ul>
    • 4. Storage Models DAS SAN NAS
    • 5. What is a SAN? <ul><li>“A storage area network (SAN) is a network designed </li></ul><ul><li>to attach computer storage devices such as disk array </li></ul><ul><li>controllers and tape libraries to servers.” - Wikipedia, </li></ul><ul><li>the free encyclopedia (2005) </li></ul>
    • 6. Need for SAN in Business <ul><li>Storage Area Network’s </li></ul><ul><ul><li>Provide High Availability </li></ul></ul><ul><ul><li>Improve Data Storage Management &amp; Reduce Cost </li></ul></ul><ul><ul><li>Enable Efficient Hardware Deployment &amp; Utilization </li></ul></ul><ul><ul><li>Enable Storage Virtualization </li></ul></ul><ul><ul><li>Improve Data Backup Efficiency &amp; Availability </li></ul></ul>
    • 7. Importance of SAN in Business <ul><li>Research shows that as much as 70% of storage was networked in 2006 </li></ul>McNamara (2005) reports, “SANs…have proven to reduce management costs as a percentage of overall storage costs.”
    • 8. SAN Architecture <ul><li>Server Layer </li></ul><ul><ul><li>NT Server </li></ul></ul><ul><ul><li>Unix Server </li></ul></ul><ul><ul><li>Database Server </li></ul></ul><ul><li>Fabric Layer </li></ul><ul><ul><li>Fibre Channel Switch </li></ul></ul><ul><ul><li>Fibre Channel Bridges </li></ul></ul>
    • 9. Fibre Channel (FC) <ul><li>Fibre Channel is a technology standard for transferring data </li></ul><ul><li>At extremely high speeds – upto 10 Gbps or even more </li></ul><ul><li>Fibre Channel is broken up into a series of five layers </li></ul>
    • 10. Fibre Channel Topologies <ul><li>Fibre Channel based SAN support three types of topologies </li></ul><ul><ul><li>Point-to-Point </li></ul></ul><ul><ul><li>Arbitrated Loop </li></ul></ul><ul><ul><li>Switched Fabric </li></ul></ul><ul><li>These can be standalone or interconnected to form a fabric </li></ul>
    • 11. Point-to-Point <ul><li>100MByte/s per connection </li></ul><ul><li>Just defines connection between storage system &amp; host </li></ul>
    • 12. Arbitrated Loop <ul><li>Each port arbitrates for access to the loop </li></ul><ul><li>Ports that lose the arbitration act as </li></ul><ul><li>repeaters </li></ul>Single Loop Data flows around the loop, passed from one device to another Dual Loop Some data flows through one loop while other data flows through the second loop
    • 13. Arbitrated Loop with Hub Hubs make a loop look like a series of point to point connections. Addition and deletion of nodes is simple and non-disruptive to information flow. 1 2 3 4 HUB
    • 14. Switched Fabric Fabrics are composed of one or more switches. They enable Fibre Channel networks to grow in size. 1 2 3 4 SWITCH Switches permit multiple devices to communicate at 100 MB/s, thereby multiplying bandwidth 1 2 3 4 SWITCH
    • 15. IP SAN - iSCSI <ul><li>IP SAN is the Storage Area Network transmitting thro data TCP / IP protocols </li></ul><ul><li>IP SAN is the high-efficient and point-to-point storage solution </li></ul><ul><li>iSCSI is a internet protocol standards are officially ratified by Internet Engineering Task Force, IETF </li></ul>
    • 16. iSCSI – IP SAN  Fibre Channel <ul><li>IP SAN offers slower throughput than a FC SAN </li></ul><ul><li>IP SAN is more cost – effective than FC SAN </li></ul><ul><li>IP SAN considered an alternative for costlier FC SAN </li></ul>
    • 17. SAN Security Landscape <ul><li>SANs are evolving in parallel paths that LANs have evolved </li></ul><ul><li>Security was not an issue in the early days of LANs either until… </li></ul><ul><li>Historically, security administrators &amp; storage administrators have not considered storage and SANs </li></ul>“ There is a gap between storage and security “
    • 18. Why SAN Security? <ul><li>SAN contains an organizations most critical data </li></ul><ul><li>Importance of this data is simply too high to ignore security – even if the risk is perceived to be low </li></ul><ul><li>The biggest threats to a SAN are from insiders – malicious or otherwise </li></ul><ul><li>Also Legislation and compliances like HIPAA, PCI – DSS, Sarbanes – Oxley Act (SOX) and Data Protection ACT (DPA) drive an organization to address SAN security </li></ul>
    • 19. Common Security Issues <ul><li>Poor administration of the storage network. </li></ul><ul><li>Lack of a comprehensive security policy. </li></ul><ul><li>Absence of vulnerability analysis during the design and construction phase of the SAN. </li></ul>
    • 20. IP SAN - Security <ul><li>iSCSI is a internet protocol standards are officially Uses IP network security, particularly IPSec </li></ul><ul><li>Key standards in IPSec that iSCSI will take advantage of are </li></ul><ul><ul><li>Authentication Headers (AH) - authenticates the original connection </li></ul></ul><ul><ul><li>Internet Key Exchange (IKE) - mutual authentication process for duration of connection </li></ul></ul><ul><ul><li>Encapsulating Security Protocol (ESP) - encrypts layer 4 and above data </li></ul></ul><ul><ul><li>iSCSI transmission can take advantage of VPNs and firewalls also </li></ul></ul>
    • 21. Fibre Channel Security <ul><li>Fibre Channel Authentication Protocol (FCAP) </li></ul><ul><li>Zoning </li></ul><ul><ul><li>Soft Zoning </li></ul></ul><ul><ul><li>Hard Zoning </li></ul></ul><ul><li>LUN Masking </li></ul><ul><li>Persistent &amp; Port Binding </li></ul>
    • 22. Other Security Issues <ul><li>Locking Down E_Ports </li></ul><ul><li>Physical Access </li></ul><ul><li>Remote Access </li></ul>
    • 23. SAN Security Vendors <ul><li>McData SANtegrity Security Suite Software </li></ul><ul><li>Brocade Secure Fabric OS </li></ul><ul><li>Hifn 4300 HIPP III Storage Security Processor </li></ul><ul><li>HP StorageWorks Secure Fabric OS </li></ul><ul><li>Decru Dataform Security Appliances </li></ul><ul><li>Kasten Chase Assurency </li></ul>
    • 24. SAN Standards &amp; Organizations <ul><li>Storage Networking Industry Association </li></ul><ul><li>Fibre Channel Industry Association </li></ul><ul><li>SCSI Trade Association </li></ul><ul><li>International Committee for Information Technology Standards </li></ul><ul><li>INCITS Technical Committee T11 </li></ul><ul><li>Information Storage Industry Consortium </li></ul><ul><li>Storage Security Industry Forum (SSIF) </li></ul>
    • 25. SAN Best Practices <ul><li>“ Storage Security Best Current Practices developed by Storage Networking Industry Association (SNIA)” </li></ul>
    • 26. SAN Checklist
    • 27. Conclusion <ul><li>Future of SAN </li></ul><ul><ul><li>Integration of SAN’s into Mainstream Networking </li></ul></ul><ul><ul><li>Virtualization </li></ul></ul><ul><ul><li>Human Factors </li></ul></ul>
    • 28. References <ul><li>SAN Security </li></ul><ul><li>www.sansecurity.com </li></ul><ul><li>Storage Networking Industry Association </li></ul><ul><li>www.snia.org </li></ul><ul><li>Introduction to Storage Security - A SNIA Security White Paper, October 14, 2005 </li></ul><ul><li>SAN Security Whitepaper by Santhosh Kumar.M </li></ul><ul><li> http://www.whitepapers.org/docs/show/1739 </li></ul>
    • 29. &nbsp;

    ×