Security Spotlight Shines on SANs
In insecure times, security threats seem to be everywhere. When even little old ladies are made to take off their shoes for the airport X-ray machines, you know that everyone is a suspect until proven otherwise. SAN technology, which in its early career avoided strip searches before entering the data center, is also now coming under the security spotlight. As one SAN security vendor, NeoScale Systems, proclaims, "Availability Means Risk." The fact that a storage area network facilitates availability of shared storage assets therefore makes SANs inherently insecure and a potential target of the Evil-Doers (whoever they may be).
As with most corporate networks, though, the main security threat is not from external malefactors, but from internal sources -- bored or disgruntled employees, or simply the innocent administrator who inadvertently enables unauthorized access to departmental data. Because SANs create a neighborhood in which vital corporate data resides, a secure SAN should be a gated community with restricted and verifiable access. In practice, though, few companies implement anything more than simple physical isolation to safeguard their SANs. A SAN sitting behind the coded lock of a data center door may enjoy some protection from curious passersby, but it's still exposed to security breaches or disruption by anyone who knows which buttons to push.
In addition, not everything stays within the data center. Traditional tape vaulting, for example, regularly transports terabytes of corporate information assets across public roads in the questionable security of a van or truck. The local area network used for SAN management may likewise exit the data center and attach to the corporate LAN and WAN. In the latter case, while it might not be possible for someone outside the data center to access storage data directly, the possibility certainly exists to use the management network to rezone server/storage assignments and provide a path to otherwise restricted data, or to execute a denial-of-service attack by resetting SAN switches.