10.2. Security in Fibre Channel SANs
Elementary security for Fibre Channel SANs is enforced by physical separation of networks. Fibre Channel assumes a dedicated network isolated from the user and public network. This separation is guaranteed by use of a unique protocol that is not easily deciphered by mainstream networking tools and by use of Fibre Channel switches that differ fundamentally from standard Gigabit Ethernet switches or IP routers. Because storage traffic and user traffic are physically isolated, access to storage data is restricted. Even supposing a disgruntled user could tap into a Fibre Channel link, a sophisticated analyzer would be required to intercept and decode storage data. The “alien” nature of Fibre Channel vis-à-vis ...
Get IP SANs: A Guide to iSCSI, iFCP, and FCIP Protocols for Storage Area Networks now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
