In recent years, iSCSI has emerged as a viable, cost-effective alternative to its more expensive counterpart, Fibre Channel, and is now regularly used to connect servers and SANs over a wide area network. One of the attractions of IP-based storage options such as iSCSI is that they allow the existing IP-based infrastructure to be used, obviating the need to upgrade to more costly equipment and complex solutions such as Fibre Channel.
Since iSCSI uses the IP protocol, it therefore relies on IP security protocols. Unfortunately, basic IP transmissions lack security, allowing anyone with the know how and inclination to intercept or modify IP communications. One of the more popular methods used for securing IP communications is the IP Security Protocol (IPSec). IPSec is an IP layer-based security protocol, which is in contrast to other security protocols like SSL that operate at the application layer of the OSI model.
To create secure data transmissions, IPSec uses two separate protocols: Authentication Headers (AH) and Encapsulating Security Payloads (ESP). AH is primarily responsible for the authentication and integrity verification of packets. It provides source authentication and integrity for data communication but does not provide any form of encryption.
AH is capable of ensuring that network communications cannot be modified during transmission; however, it cannot protect transmitted data from being read. AH is often implemented when network communications are restricted to certain computers. In such instances, AH ensures that mutual authentication must take place between participating computers, which, in turn, prohibits network communications from occurring between non-authenticated computers.
ESP is responsible for providing encryption services for the network data; however, it can also be used for authentication and integrity services. The difference between AH authentication and ESP authentication is that ESP includes only the ESP header, trailer, and payload portions of a data packet, whereas AH protects the entire data packet, including the IP header.
Used together, AH and ESP provide integrity, authentication, and encryption protection for IP-based communications. To make this happen, IPSec uses a variety of security protocols. To better understand the level of protection IPSec can provide, let’s take a look at each of these security protocols individually.
IPSec Integrity Protocols
When we refer to integrity verification, we are talking about hash algorithms that are used to verify that the information received is exactly the same as the information sent. A hash algorithm is essentially a cryptographic checksum used by both the sender and receiver to verify that the message has not been changed. If the message has changed in transit, the hash values are different and the packet is rejected.
When configuring IPSec integrity security, there are two options: Message Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA1). Of the two, SHA1 is more secure than MD5, but it requires more CPU resources. MD5 offers a 128-bit hashing algorithm, while SHA1 uses an algorithm that generates 160-bit authentication.
IPsec Authentication Protocols
Before two systems can exchange secure data, they have to mutually agree on a security pact. This security agreement is called a security association (SA). For communication to happen, both systems must agree on the same SA.
The Internet Key Exchange (IKE) manages the SA negotiation process for IPSec connections. IKE is an Internet Engineering Task Force (IETF)-established standard method of security association and key exchange resolution. IKE performs a two-phase operation: the first phase ensures a secure communications channel, while the second operation negotiates the use of SAs.
To establish IPSec communications, two hosts must authenticate with each other before SA negotiations can take place. Systems can be authenticated in three different ways:
- Kerberos – Kerberos v5 is commonly implemented and is the default authentication technology used with Windows Server 2003. Kerberos provides the primary security protocol for authentication within a domain; when used, it verifies both the identity of the user and network services. Advantages of Kerberos include the fact that it can provide mutual authentication between the user and the server, as well as its interoperability — Kerberos can provide authentication between Server 2003 domains and systems in a Unix environment that is using Kerberos for authentication.
- Public Key Certificates (PKIs) – PKIs are used to authenticate clients that are not members of a trusted domain, non-Windows clients, or computers that are not running the Kerberos v5 authentication protocol. The authentication certificates are issued from a system acting as a certification authority (CA).
- Preshared keys – In preshared key authentication, computer systems must agree on a shared, secret key to be used for authentication in an IPSec policy. Preshared keys are to be used only where certificates and Kerberos cannot be deployed.
IPSec Encryption Protocols
IPSec offers three primary methods of encryption. The one you should choose depends on the security needs of your organization.
- Data Encryption Standard (40-bit) – This encryption method provides the best performance but at a significant cost: the encryption security is lower. The 40-bit Data Encryption Standard (DES) is commonly known as Secure Sockets Layer (SSL). It can be used in environments where data security needs are a little lower.
- Data Encryption Standard (56-bit) – Through your IPSec policies you can implement 56-bit DES as the encryption method. The DES algorithm was published in 1977 by the U.S. National Bureau of Standards, and it allows for the ability to frequently regenerate keys during a communication. This ability prevents the entire data set from being compromised if one DES key is broken. However, its use is considered outdated for businesses; it should be used only for legacy application support. Specialized hardware has been able to crack the standard 56-bit key.
- Triple DES (3DES) – IPSec policies also allow the choice of a strong encryption algorithm, 3DES, which provides stronger encryption than DES for higher security. 3DES uses a 56-bit encryption key as well, but, as the name implies, it uses three of them. As a result, 3DES is considered 168-bit encryption, and it is used in high-security environments like the U.S. government. All computers to which the policy is assigned will receive this policy.
IPSec Transport Modes
IPSec can operate in one of two separate modes: transport mode and tunnel mode. These modes refer to how data is sent and secured throughout the network. In transport mode, IPSec protection is provided all the way from the source to the destination. In this way, transport mode is said to provide end-to-end transmission security.
Tunnel mode secures data only between tunnel points or gateways. Tunnel mode provides gateway-to-gateway transmission security. When data is in transmission between the client and the server, it remains unprotected until it reaches the gateway. Once at the gateway, it is secured with IPSec until it reaches the destination gateway. At this point, data packets are decrypted and verified. The data is then sent to the receiving host unprotected. Tunnel mode is often employed when data must leave the secure confines of a local LAN or WAN and travel between hosts over a public network such as the Internet.
While iSCSI has emerged as an alternative to Fibre Channel, securing IP communications is an important consideration. IPSec provides a method to secure IP transmissions in a heterogeneous environment. In the next Storage Basics article, we will look at working with IPSec in a Windows 2003 environment and configuring IPSec with the NETSH command.