In a standard IP network the delay of packets to and from an application or browser is unlikely to cause an issue.The same cannot be said for storage where a consistent response time and guaranteed delivery is essential for providing transparent disk I/O. Isolating IP and iSCSI traffic will help to reduce the potential impact to storage performance of unpredictable traffic.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Considering security, iSCSI can be run in a completely open fashion. Data packets can be visible on the network for anyone with a standard piece of software such as Ethereal. To counter this, iSCSI offers server/target validation and the suggested use of IPsec to encrypt traffic, which inevitably adds to the CPU load on both server and storage. Isolating iSCSI hosts from a physical perspective improves security and provides the choice as to whether IPsec needs to be used.
Taking the above points into consideration, a customer may choose to completely isolate iSCSI traffic into separate switches or to provide dedicated VLANs for iSCSI connections. Both approaches help to mitigate against performance and security issues and give the added benefit of making problem resolution easier to achieve.
Dig Deeper on Storage Area Network (SAN)
Related Q&A from Chris Evans
While ransomware remains a top threat, it is not the only cybersecurity problem data backup admins need to keep on their radar. Here are three more ...continue reading
A layered protection strategy works best against ransomware. Organizations must be diligent about backing up data, monitoring suspicious activity and...continue reading
The deduplication process reduces the amount of data in a storage system, but dedupe in the cloud may be more valuable to the cloud provider than the...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.