Fibre Channel (FC) of the Internal Security Mechanism than most people usually think of even more, but they are often not fully utilized, but also misunderstood, so SAN (Storage Area Network) Caibei say there are security issues. Current storage class talking about the contents of the partition is to explore Fibre Channel: Fibre Channel switch most easily and most often mistaken for the function set.
Any full-featured Fibre Channel switch can be set up partitions. Here partition is very similar to the same Ethernet virtual local area network: the data transfer separated. But Fibre Channel partitions to be more effective than the virtual local area network, because data is not in the partition between the “leakage.”
Conceptually, the virtual local area networks than Fibre Channel district more in line with the concept of partition. At first glance it seems more complex Fibre Channel area, but hidden behind the complex is actually simple. A device node, or a global name (WWN), can exist in different partitions. This capability will really be abused! For sound management and strong partition settings requires a certain structure – is not for one minute can be solved.
There are two kinds of partition: soft partitions and hard partitions.
Soft partition Soft partition is the meaning of the global name of the device switches on a partition, regardless of which port is connected. For example, if the global name of the Q and Z on the same global name of the partition, then they can talk to each other. Similarly, if Z and A again in another partition, then the Z and A can see each other, but A can not see Q. This is part of the complexity of the partition; this feature is not common in the Ethernet switch.
The concept of soft partition is not difficult to understand. It is simply that the overall structure is based on the node name. Use of this soft partition is that you can connect any port to a switch, and, if you can see the other node, you can access these nodes.
That all right? No, absolutely not good. From the managerial point of view, soft partition Environment A mess. Maintenance, you must know where each node connected to. If you use a soft partition, not on the switch port description, port information as they may soon become obsolete. In addition, there are some soft partition security risk. Believe each person is concerned, no one has seen a Hacker Is trying to deceive the whole name of the process, but such behavior is possible. By changing the device to change the global name of the partition it is very difficult, because the hacker does not know what he can access the global name of the partition you want to enter. You’re not to set their own exchange information on a large crowd under you?
Hard partition Hard partition is more similar to the Ethernet in the world of virtual local area network. If a port into a partition, any connection to this port traffic are from this area, or the set number of divisions. Certainly, if someone can move the cable, then this partition in the face of physical attack when not so safe. However, you need to worry about this? SAN Therefore, the best settings are: Switch hard partition and can access the array on the side (target) logical unit number (LUN) to limit the global name. Your storage arrays need to shield the global name for multiple launch terminal (initiator) can be set to partition the array can also see the end.
Some very strange idea of partition structure. A partition on the same operating system seemed like a good idea, but there is no sense in practice. The past, people always easy to be afraid to use a different operating system, Windows servers and storage arrays on the same partition. When you see when a new LUN, Windows will pop up, “you need to initialize the new paper is this?” Dialogue window, and easily determine if the Windows administrator click on the “yes”, then he Damage Other people’s logical unit number. If the storage array logical unit number shield, then this is not a problem.
Best partition reference Many institutions partition proposal. Most agree that the soft partition is very bad. Is true. We are here to discuss the hard partition. Remember, each node needs to have two Host Bus adapters, host bus adapters, but each through a different Fibre Channel switches in different network. Each switch has the same partition set.
“Single launch-side partition” camp think you need to create a partition based on launching side. This means that each partition is only one host, or launch end. Subject to the rules of a single launch-side conditions, multiple storage array ports can be added to this area – the array is the target side. This approach is reasonable, because you can quickly see from your set which hosts can access the array.
Other people tend to partition on the array side. After all, the end of each array so that multiple hosts can access, so we can have the same purpose that the initiation of terminal integrated with a mini-network. Some store managers was launched end of this more than the idea of each other see each other nervous, but in some cases, this approach is still very good. When a server restart, the other the same partition of the server in the system log will report “node X disappeared from the network.” This side of the partition based on the benefits of the array when you can quickly browse which hosts can access a particular array side.
Remember, each “partition” is actually just a two-way between the nodes (or More) communications image. Storage array port can be placed on a number of different partitions (in a single-ended mode was launched under the partition), each partition including the host, also called the launch end.
Some people like to skip the partition set. Only from the stability point of view, do not advocate this practice. A Fibre Channel network can be reset at the same time for everyone to log in again, but also to each Fibre Channel network to send updates. Security issues exist, but are actually more but you will certainly pay attention to the problem to be that only novice.
Your partitions set up a very important decision, so take some time to decide what kind of hard partition model can adapt to your environment better.
Summary Partitions and virtual local area network on a similar. Port or global name can also put multiple partitions;
Soft partition is to partition based on global name, if the optical fiber to the new port, then this area is difficult to manage;
Hard partition is based on the port: You can
The e-commerce company in China offers quality products such as China Sodium Tripolyphosphate Food Grade , Sodium Tripolyphosphate, and more. For more , please visit