Storage Basics: Securing iSCSI Using IPSec, Part 2
In a previous Storage Basics article, we looked at securing IP communications using the IPSec protocol.
With many storage implementations moving toward IP-based solutions such as iSCSI, securing IP transmissions becomes critical, especially since many of the protocols we rely on send clear text across the network. FTP, Telnet, POP3 and IMAP are familiar examples, and iSCSI itself carries SCSI commands and disk data in the clear unless something below it protects them.
In a heterogeneous environment we can secure communication either above the transport layer, using Secure Sockets Layer (SSL) or Transport Layer Security (TLS), or at the IP layer using IPSec, which protects every application on the host without changing any of them. The purpose of this article is to show how communications are secured using IPSec on Windows Server 2003.
Out of the box, IP carries no security of its own, and for many applications that is not a problem. For the communications that do require protection, we need to configure IPSec. Enabling IPSec on Windows Server 2003 is a straightforward process, but choosing the right level of security, and verifying that it is actually being applied, can be tricky.
Setting Security Levels
In general, there are four security strategies from which to choose when securing data with IPSec. In Windows terms, each corresponds to a filter action that is applied to traffic matching a filter. These include:
- Block transmissions: The block action tells IPSec to discard all matching traffic between computer A and computer B. The packets are silently dropped by the host that has the blocking policy assigned, whether they are inbound or outbound. Blocking all traffic is a heavy-handed approach to a security strategy and is not often used, though it is useful for confirming that a filter really matches the traffic you think it does.
- Encrypt transmissions: The encrypt option is used when it is necessary to allow communications between computers, but the data must be encrypted to prevent eavesdropping. In such an instance, IPSec is configured to negotiate the Encapsulating Security Payload (ESP) protocol, which encrypts the packet payload. Anyone capturing the traffic sees only an unreadable stream of bytes. On Windows Server 2003, ESP is normally negotiated with an integrity algorithm (MD5 or SHA-1) as well as a cipher (DES or 3DES), so the encrypted data is also checked for tampering.
- Sign transmissions: The sign option is used to detect tampering and spoofing in transit. The Authentication Header (AH) protocol inserts an extra header between the IP header and the payload, not at the end of the packet. That header carries an integrity check value: a keyed hash (HMAC with MD5 or SHA-1 on Windows Server 2003) computed over the payload and the fields of the IP header that do not change in transit. The receiver recomputes the hash with the shared key, and any packet that was modified on the way, or forged by a host that lacks the key, fails the check and is discarded. Windows calls this signing, but it is a keyed hash rather than a public-key signature. AH provides integrity, origin authentication and replay protection but no confidentiality, and because it covers the IP addresses it cannot pass through a NAT device.
- Permit transmissions to travel unchanged without signing or encryption: This option is the absence of IPSec protection. Matching traffic passes with neither encryption nor any integrity check, exactly as traffic that matches no rule at all.