EVALUATION OF STORAGE AREA NETWORK (SAN) SECURITY AND PERFORMANCE

Postgraduate

INTRODUCTION 

With advancement of information and communication technology (ICT) the amount of data that needs to be transferred and stored on disks has grown enormously in a computer network environment and growth from Gigabyte in early 1990 to Exabyte in 2010. Many technologies have been developed to manage and handle this traffic of data for use in different scales of networks such as LAN, MAN and WAN. Some examples of these technologies include Network Attach Storage (NAS), Direct Attach Storage (DAS) and Storage Area Network (SAN). Storage Area Network (SAN) is a high speed network of storages and fabrics that connect to computers and servers to provide shared pool of storages for different servers with different operating system, all the servers all around the network access to SAN storages like a local attach disk.

SAN manages and stores data in high speed and centralized place with ease of management. Security has always been highest priority in such networks for network administrators, working with information and sensitive data of their companies. These networks encounter different attacks and storages on their own do not have any security features. Another important element for implementing SAN is performance of the system. Knowledge about the key performance elements as well as advantages and disadvantages of this technology is crucial to comprehend the dynamics between security and performance. Knowing the vulnerabilities is one of the critical tasks for making storage systems secure, knowledge about security elements and solutions can help storage administrators to improve the level of security and reliability of a network. Security, performance and reliability make SAN as a good solution for storing data in a larger scale network.

SOCIETAL AND ETHICAL ASPECTS OF SAN TECHNOLOGY

This thesis investigates SAN from security (including safe storage) and performance perspectives. Especially the security issue is important for the society since it depends on the secure storage and communication of large amounts of data. The problem with the rapid growth of computer and communication technology and access to information is to guarantee that they their data are safe and secure from unauthorized access. 

STATEMENT OF THE PROBLEM  

This thesis analyses security and performance aspects of SAN technology, more specifically, the thesis addresses security risks, vulnerabilities, performance factors and solutions for improving security of SAN in relation to performance 

AIM AND OBJECTIVES

The main goal of this thesis is to find out the different security risks and attacks in SAN. Investigate methods that can improve security, compare between the security aspects, performances factors in different protocols that are used to implement the SAN such as iSCSI and FC, to find out which one is the most reliable and efficient in different scales of networks.

RESEARCH QUESTIONS

This thesis is aimed to answer the following questions:  

-  What are the security vulnerabilities and possible attacks in SAN? 

-  What are the performance improvement methods in the implementation of SAN?

METHODOLOGY

The methodology of this thesis is divided into a literature study part and a practical part. In the literature study part the different security methods of the SAN are investigated, to find out security solutions, vulnerabilities and attacks in different SAN protocols, compare between the functionality of these protocols and find out the performance elements of SAN in different SAN protocols to improve the performance. In the practical part a model of iSCSI based SAN is simulated to measure the performance and find out some of the security vulnerabilities and the solutions to make iSCSI SAN secure