Skip the navigation

Sidebar: New Security Standards May Solve Storage Gaps

By Lucas Mearian
July 21, 2003 12:00 PM ET

Computerworld - Standards bodies, such as the International Committee for Information Technology Standards (INCITS) and the Internet Engineering Task Force (IETF), are working on Fibre Channel security standards as well as extending existing Internet protocols for moving block-level and file data over Ethernet networks, which are crucial to securing data as companies continue to push disaster recovery sites farther away from primary data centers.
The INCITS T11.3 committee is working on a draft of the Fibre Channel Security Protocol that it expects to release by the end of 2003. The protocol will address authentication at the management interface level between devices on a storage-area network (SAN), mostly likely using a public-key-infrastructure-based digital certificate.
The committee is also working on a frame-by-frame authentication method similar to packet-to-packet authentication in the IPsec protocol. The goal is to enhance the Fibre Channel frame with the definition of a new optional header that would contain something analogous to IPsec's Encapsulating Security Payload (ESP) protocol. ESP would allow SANs to support authentication, confidentiality and data integrity protection.
"Basically, the storage server won't accept frames unless they have proper security authorization," says Craig Carlson, chairman of the T11.3 committee and a systems architect at QLogic Corp. in Aliso Viejo, Calif.
For example, frame authentication will ensure an unauthorized user won't be able to manufacture a fake frame to tell the management application to take down a switch port or open access to a disk on an array, Carlson says.
Also, the IETF's IPsec Working Group is studying how to extend the Internet key exchange for network-address translators and firewalls. The group has produced a draft defining security requirements for Fibre Channel over IP standards, such as iSCSI, iFCP and FCIP.
But the standards bodies' work only addresses access, which leaves the door open to hackers, according to Michael Peterson, an analyst at Strategic Research Corp. in Carpinteria, Calif.
"There's all kinds of data still floating around," he says. "What do you do with old backup tapes, for instance?"

Read more about Storage in Computerworld's Storage Topic Center.



Additional Resources
Forrester Consulting - Optimizing Users and Applications in a Mobile World
WHITE PAPER
Solving application issues over the WAN requires careful consideration. Based on their independent research, Forrester Consulting offers recommendations on how to tackle application performance issues, insufficient bandwidth and the inability to quickly restore users in a disaster.

Read now.

Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Storage White Papers
Datacenter Consolidation Best Practices Whitepaper
The benefits of storage consolidation are being realized by companies and seen as a way to streamline many storage-driven applications. Learn why the...
Eliminating VMware / Storage Related Performance Challenges
How to proactively monitor the performance in a Fibre Channel SAN / vSphere environment is always a concern. Understand the importance of a...
Cloud Environments Have Familiar Storage Challenges
Cloud environments have many storage challenges that are familiar to data center managers, but due to their density and abstraction, the issues become...
Eight Considerations for Evaluating Disk-Based Backup Solutions
In the past, the movement from tape- to disk-based backup has been less compelling due to the expense of storing backup data on...
ExaGrid Helps U.S. Federal Government Agencies Reduce Backup Windows and Improve Data Protection
The U.S. Government has been the largest user of tape-based backup systems since the 1970s. Most agencies have begun to deploy disk storage...
All Storage White Papers
Storage Webcasts
Understand Your Data: The Future of Backup and Archiving
Archiving and Backup are the foundation of the next generation of information governance. However, commodity data protection tools and basic archives are only...
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
All Storage Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs