Storage area network (SAN) risks
In order to discuss the risks in SAN architectures, we must evaluate them against the six areas of security discussed in Chapter 1, "Introduction to Storage Security." Table 2.1 lists each of the areas, as well as its security presence in SANs.
Table 2.1 SAN risk and security

| Area | Security presence in SANs |
|---|---|
| Authentication | Authentication aspects in most SAN environments do not exist. Fibre Channel Authentication Protocol (FCAP), DH-CHAP (Diffie-Hellman CHAP), and Fibre Channel Security Protocol (FC-SP) have emerged to fill a significant gap in authentication; however, most SANs are designed with the assumption that authentication has taken place elsewhere in the architecture. For example, organizations often assume that authentication at the file/record layer (databases) is enough, which ignores network authentication at lower network levels. This would be similar to requiring authentication on a web application but not requiring authentication for a telnet or SSH connection to the web server. In both scenarios, data can be fully compromised. Authentication is indirectly available through some of the applications that have access to the SAN: management applications, which can be used to administer storage data, usually require some type of username and password. CT Authentication, DH-CHAP, FCAP, and FC-SP, as well as some other authentication modules, have been developed to authenticate node to node, node to switch, and switch to switch (discussed further in Chapter 9, "Securing Fibre Channel SANs"). |
| Authorization | Authorization parameters are usually provided with World Wide Names (WWNs) from the Fibre Channel host bus adapters. WWNs can be port WWNs, which identify the port, or node WWNs, which identify the node on the fabric. |
| Encryption | Encryption aspects in most SAN environments do not exist unless some third-party at-rest encryption device is used. Natively, Fibre Channel does not use any encryption in any of its layers (layer 0 through layer 4). |
| Auditing | Auditing aspects in most SANs are enabled only at the device or application level, such as a Fibre Channel switch or a management application. There is error management via the fabric; however, there is nothing for typical security auditing. |
| Integrity | There are currently no native methods for integrity checking in Fibre Channel frames. |
| Availability | Availability or Quality of Service (QoS) is indirectly available in layer 2 Fibre Channel frames in the Error Control fields of the frame. This field serves QoS more than it ensures data availability. Availability is arguably the most important aspect of SAN security. If the storage data becomes unavailable, networks as well as applications melt down quickly. |
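The Authentication and Authorization rows of Table 2.1 describe two separate controls: zoning grants access on the basis of a WWN presented by a host bus adapter, and DH-CHAP-style authentication proves that the party behind that WWN holds a shared secret. The following is an added example, written for this page and not taken from the book or from any FC-SP implementation; it models both controls in Python so the distinction is visible in code. The WWNs, secrets and the tiny Diffie-Hellman group are constructed for illustration, and the message shapes are a simplification of the DH-CHAP idea (challenge plus DH-derived value, keyed by the shared secret), not the FC-SP wire format.

```python
import hashlib
import hmac
import re
import secrets
from typing import Dict, Iterable, Optional, Set

# Added example (not the book's code): WWN-based zoning for authorization plus
# a simplified DH-CHAP-style challenge-response for authentication.
# All parameters below are constructed for illustration only.

WWN_RE = re.compile(r"^([0-9a-f]{2}:){7}[0-9a-f]{2}$")


def normalize_wwn(wwn: str) -> str:
    """Accept a 64-bit WWN written as eight colon-separated hex octets."""
    w = wwn.strip().lower()
    if not WWN_RE.match(w):
        raise ValueError(f"malformed WWN: {wwn!r}")
    return w


class Fabric:
    """Minimal zoning table: zone name -> set of port WWNs."""

    def __init__(self) -> None:
        self.zones: Dict[str, Set[str]] = {}

    def add_zone(self, name: str, members: Iterable[str]) -> None:
        self.zones[name] = {normalize_wwn(m) for m in members}

    def zoned_together(self, pwwn_a: str, pwwn_b: str) -> bool:
        """Authorization as Table 2.1 describes it: two ports may talk when at
        least one zone contains both WWNs. This checks only the identifier
        that was presented; proving who presented it is the job of
        dh_chap_exchange() below."""
        a, b = normalize_wwn(pwwn_a), normalize_wwn(pwwn_b)
        return any(a in z and b in z for z in self.zones.values())


# Toy Diffie-Hellman group (constructed; far too small for real use).
P = 2**127 - 1  # Mersenne prime M127, so shared values fit in 16 bytes
G = 5


def dh_public(priv: int) -> int:
    return pow(G, priv, P)


def dh_shared(peer_pub: int, priv: int) -> int:
    return pow(peer_pub, priv, P)


def chap_response(secret: bytes, challenge: bytes, shared: int) -> bytes:
    """CHAP-style proof of possession of `secret`, bound to this session's
    challenge and DH-derived value so a recorded response is useless later."""
    msg = challenge + shared.to_bytes(16, "big")
    return hmac.new(secret, msg, hashlib.sha256).digest()


def dh_chap_exchange(switch_secret: bytes, node_secret: bytes,
                     challenge: Optional[bytes] = None,
                     x: Optional[int] = None, y: Optional[int] = None) -> bool:
    """Simulate a switch (verifier) challenging a node (prover). Randomness can
    be injected for deterministic testing. True if the node holds the same
    secret the switch has on file for it."""
    challenge = challenge or secrets.token_bytes(16)
    x = x or secrets.randbelow(P - 2) + 2
    y = y or secrets.randbelow(P - 2) + 2
    switch_pub = dh_public(x)                      # switch -> node: C, g^x
    node_pub = dh_public(y)                        # node -> switch: g^y, R
    response = chap_response(node_secret, challenge, dh_shared(switch_pub, y))
    expected = chap_response(switch_secret, challenge, dh_shared(node_pub, x))
    return hmac.compare_digest(response, expected)  # constant-time compare


def admit(fabric: Fabric, node_pwwn: str, target_pwwn: str,
          secrets_on_file: Dict[str, bytes], node_secret: bytes, **rng) -> str:
    """Both controls in order: authenticate the node behind the WWN, then
    consult zoning. Returns a short verdict string."""
    node_pwwn = normalize_wwn(node_pwwn)
    on_file = secrets_on_file.get(node_pwwn)
    if on_file is None or not dh_chap_exchange(on_file, node_secret, **rng):
        return "denied: authentication failed"
    if not fabric.zoned_together(node_pwwn, target_pwwn):
        return "denied: not zoned"
    return "allowed"


if __name__ == "__main__":
    # Constructed sample fabric: one host HBA and one storage port in a zone.
    fab = Fabric()
    host, array = "10:00:00:00:c9:aa:bb:01", "50:06:01:60:3b:a0:11:22"
    fab.add_zone("db_zone", [host, array])
    on_file = {host: b"example-shared-secret"}
    print(admit(fab, host, array, on_file, b"example-shared-secret"))
    print(admit(fab, host, array, on_file, b"wrong-secret"))
```

The order in `admit()` is the point: zoning alone answers "is this WWN allowed to reach that port?", which is all most fabrics ask, while the challenge-response step answers "does the device presenting this WWN hold the secret registered for it?". Keeping the two functions separate makes it easy to see which one a given fabric actually enforces.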
About the book:

Securing Storage: A Practical Guide to SAN and NAS Security is an indispensable resource for every storage and security professional, and for anyone responsible for IT infrastructure, from architects and network designers to administrators. You've invested heavily in securing your applications, operating systems, and network infrastructure. But you may have left one crucial set of systems unprotected: your SAN, NAS, and iSCSI storage systems. Securing Storage reveals why these systems aren't nearly as secure as you think they are, and presents proven best practices for hardening them against more than 25 different attacks. Securing Storage: A Practical Guide to SAN and NAS Security is published by Addison-Wesley Publishing.

About the author:

Himanshu Dwivedi is a founding partner of iSEC Partners, a digital security services and products organization. Before forming iSEC Partners, Himanshu was the Technical Director for @stake's San Francisco security practice, a leader in application and network security. His professional experience includes application programming, infrastructure security, and secure product design with an emphasis on storage risk assessment.
This was first published in April 2007