Corporate clients more and more frequently opt for the introduction of SAN networks in order to gain larger storage space, a guarantee of greater application efficiency and accessibility as well as to ensure work continuity of the company. Apart from the said benefits, migration to the SAN technology poses new challenges concerning data and application security in the new environment.

Deciding on the implementation of a SAN network, one should keep in mind not only its obvious advantages but also related threats. SAN network stores data and applications critical not only to the company, but often also to its customers (see: Fig. 1).

Therefore one must ask oneself a couple of important questions, no matter if this is the implementation of a new SAN network or whether we have had such a network for years.

SAN network security audit will provide you with answers to the following questions:

• Can anyone break into my SAN network resources?
• Can anyone disrupt the activity of the SAN network or the applications using this network?
• How can I examine the security of my SAN network?
• When and how should I conduct a SAN network security audit?
• How to make use of the existing SAN network mechanisms to protect it?
• How to utilize the existing IT infrastructure of the company to protect the SAN network?

Incorrect project assumptions, bad configuration, unused services or retained default settings count among the most common factors facilitating a successful attack on the SAN network. Supplementary technologies (remote backup, backup sites etc.) help ensure work continuity but at the same time enlarge the number of places threatened by the attack which must be checked and cared for.

SAN network threat level depends on numerous factors, such as the following:

• large number of persons with access to management systems,
• bad organization of data transmission and the physical transport of data-carriers,
• remote access to managing devices and to data,
• co-sharing of resources by the company and the client or among clients,
• non-coded critical data on data-carriers,

SAN network security is in fact data security and operational continuity of applications. The data subject to protection are company critical data and/or client data.

Therefore such data should be provided with the following:

• integrity (inviolability),
• confidentiality (access should be granted only to assigned persons, under specific conditions),
• accessibility (operational continuity of applications, continuity of work on data),
• manageability (ease and flexibility of data management as well as data audit and monitoring).

Threats can come from the outside as well as from within the company. Internal threats come down mainly to the unauthorized use of managing tools, the server or the switch being a part of the SAN network. Access gained in this way allows for stealing, removal or modification of data.

External threats have been underestimated so far due to the SAN network being placed deep inside the local network. However, with the present development of WAN and Internet connections and the use of backup sites one should not forget that the security situation of SAN networks has changed. If the attacker gets access to a SAN network server or switch from the outside, there is a high probability of disruption in the operational continuity of applications and loss of data confidentiality.

Because of the peculiar character of the SAN network, its security constitutes a complex problem and in view of the increase in its popularity and number of applications its protection becomes an ever bigger challenge for designers and administrators. Ensuring security brings to mind mainly excessive costs and limitations of work comfort. Therefore the audit needs to include a realistic and environmentally adapted diagnosis of the security level as well as an estimation of threats and possible attacks.
NASK audit service allows for the identification of weak points and devising ways of their protection. Our specialists are thoroughly experienced not only in the SAN network technology but also in the examination of other elements of the IT environment.

SAN network audit calls for a specific approach and the knowledge of mechanisms present at the interconnection of SAN and LAN/WAN networks. These should not be underestimated. There is no other company network that stores in one place such a great quantity of critical information; no other system has so significant an impact on production applications. Data encoding, access control on the managing system level and adequately protected transmission can significantly improve data security. Therefore, it is these elements that the security audit focuses on in the first place and they should be the center of attention for designers and SAN network security experts. Multi-layered protection (making use of the existing security infrastructure in the LAN and WAN networks), tests, audits and environment monitoring, together with the application of SAN technology ensure effective data protection.

Best way to examine SAN network security is to conduct a well-arranged and systematic audit. This is an essential element of every system and every implementation, not only in the case of the SAN network. NASK experience in SAN network auditing, protection, implementation and integration with heterogeneous environment allowed for the creation of self-devised methodology of mass storage security testing.

To receive detailed information about NASK services, please fill in our request for information.

|

return to Data Security