/>
X

iSCSI the new Security Scourge?

Sorry, I could not resist the alliteration.But seriously folks, with security snafus around data back-up in the news lately it is disturbing to read about the latest and greatest in storage: iSCSI.
zd-defaultauthor-richard-stiennon.jpg
Written by Richard Stiennon on

Sorry, I could not resist the alliteration.

But seriously folks, with security snafus around data back-up in the news lately it is disturbing to read about the latest and greatest in storage: iSCSI. Basically, iSCSI (Pronounced eye-scuzzy) takes a block transfer protocol used to communicate with disk drives and encapsulates it in good old TCP/IP. The reason this is cool is that you can attach a whole bunch of SCSI controllers and hard drives to an existing Ethernet network, or even anywhere on the Internet, and get fast cheap storage solutions without that messy, expensive fiber channel stuff.

Problem: Storage Area Networks (SAN) have always been protected from the usual dangers of networking such as viruses, worms, and hackers because they were totally separate from the IP network. The typical configuration is to run fiber network from all machines that needed to be backed up to the SAN, totally bi-passing Ethernet switches, routers, and firewalls. This was great because firewalls do not do too well at passing traffic at multiple gigabit speeds needed to do effective backup. (Try backing up a couple of terabytes of data through your Checkpoint FW-1 running on a Nokia). So, a fiber channel cable would be run, for instance, right from the machines in the DMZ back to the SAN.

Oh sure, the IETF is working on authentication, even IPSec for iSCSI. That is great and will address the direct security issues. It will do nothing to avoid the dirty traffic that will be hammering your SAN controllers and devices.

Prediction: As iSCSI becomes popular (and it will) there will be more and more cases of storage being wiped out by spurious IP traffic. It is as inevitable as security flaws in Longhorn. :-)

Related

Are you ready for the worst Economy Class airline seats in the world?
airline-seats.jpg

Are you ready for the worst Economy Class airline seats in the world?

Business
Microsoft Azure-certified roles are well-paid, and you can study for certification for $39
replace-this-image.jpg

Microsoft Azure-certified roles are well-paid, and you can study for certification for $39

Deals
Remote working vs back to the office: Benefits are clear, but there could be trouble ahead for some
A middle aged man in casual attire sat at his computer desk speaking to colleagues via a split-screen video chat application

Remote working vs back to the office: Benefits are clear, but there could be trouble ahead for some

Professional Development