Analysis Of Fibre Channel Storage Area Network Problems

Internal security than most people usually think of even more, but they are often not fully utilized, but also misunderstood, so SAN (Storage Area Network) Caibei say there are security issues. This issue about the contents of the storage class is to explore the Fibre Channel Zoning: Fibre Channel switches, the easiest and most often mistaken for the function set. Fibre Channel (FC) of the internal security than most people usually think of even more, but they are often not fully utilized, but also misunderstood, so SAN (Storage Area Network) Caibei say there are security issues. This issue about the contents of the storage class is to explore the Fibre Channel Zoning: Fibre Channel switches, the easiest and most often mistaken for the function set.

  Any full-featured Fibre Channel switch can be set up partitions. Here partition is very similar to the same Ethernet virtual local area network: the data transfer separated. But Fibre Channel partitions to be more effective than the virtual local area network, because the data transmission is not in the partition between the “leakage.”

Conceptually, Fibre Channel area is more consistent than the virtual local area network concept of partition. At first glance it seems more complex Fibre Channel area, but hidden behind the complex is actually simple. A device node, or a global name (WWN), can exist in different partitions. This capability will really be abused! For sound management and strong partition settings requires a certain structure – is not one minute can be solved.

There are two kinds of partition: soft partitions and hard partitions.

Soft partition Soft partition is the meaning of the global name of the device switches on a partition, regardless of which port is connected. For example, if the global name of the Q and Z in the same global name of the partition, then they can talk to each other. Similarly, if Z and A again in another partition, then the Z and A can see each other, but A can not see Q. This is part of the complexity of the partition; this feature is not common in the Ethernet switch.

The concept of soft partition is not difficult to understand. It simply shows that the global architecture is based on the node name. The benefits of using this soft partition is that you can connect to any switch port, and if you can see other nodes, then you can access these nodes.

That alright? No, absolutely not good. From the managerial point of view, soft-partition environment, a mess. Maintenance, you must know where each node connected to. If you use a soft partition, not on the switch port description, port information as they may soon become obsolete. In addition, there are some soft partition security risk. Believe each person is concerned, no one ever seen a hacker is trying to deceive the whole name of the process, but such behavior is possible. By changing the device to change the global name of the partition it is very difficult, because the hacker does not know what he can access the global name of the partition you want to enter. You’re not his own switch settings on the large crowd under you?

Hard partition Hard partition to be more like the world of virtual local area network Ethernet. If a port into a partition, any connection to this port traffic are from this area, or the set number of divisions. Of course, if someone can move the cable, then this partition in the face of physical attack when not so safe. However, you need to worry about this? So for the SAN, the best settings are: Switch hard partition and can access the array on the side (target) logical unit number (LUN) to limit the global name. You also need the global name of the storage array mask, so that multiple launch end (initiator) can be set to partition the array can also see the end.

Some very strange idea of partition structure. The same operating system on a partition appears to be a good idea, but there is no sense in practice. The past, people always easy to be afraid to use a different operating system, Windows servers and storage arrays on the same partition. When you see when a new LUN, Windows will pop up, “you need to initialize the new volume?” Dialog window, and easily determine if the Windows administrator click on the “yes”, then he would destroy other people’s logical unit number. If the storage array logical unit number shield then this is not a problem.

I am a professional writer from China Crafts Suppliers, which contains a great deal of information about pvc rain jacket , childrens rain coats, welcome to visit!

Leave a Reply

Your email address will not be published. Required fields are marked *

Protected with IP Blacklist CloudIP Blacklist Cloud