EVALUATION OF STORAGE AREA NETWORK (SAN) SECURITY AND PERFORMANCE

Postgraduate

Abstract

Due to growing the number of Information Technology (IT) users all around the world, consequently the amount of data that needs to be stored is increasing day by day. Single attached disks and old storage technologies cannot manage the storing these amounts of data. Storage Area Network (SAN) is a distributed storage technology to manage the data from several nodes in centralize place and secure. This thesis investigates how SAN works, the file system  and protocols that are used in implementation of SAN. The thesis also investigate about other storages technologies such as Network Attached Storage (NAS) and Direct Attached Storage (DAS) to figure out the advantages and disadvantages of SAN, The main focus of the thesis project is on identifying the security vulnerabilities in SAN such as possible attacks in different SAN protocols. The research finally identifies the performance factors in SAN to figure out how to improve the performance with respect to security solutions aimed to enhance the security level in SAN. 

Introduction 

With advancement of information and communication technology (ICT) the amount of data that needs to be transferred and stored on disks has grown enormously in a computer network environment and growth from Gigabyte in early 1990 to Exabyte in 2010. Many technologies have been developed to manage and handle this traffic of data for use in different scales of networks such as LAN, MAN and WAN. Some examples of these technologies include Network Attach Storage (NAS), Direct Attach Storage (DAS) and Storage Area Network (SAN). Storage Area Network (SAN) is a high speed network of storages and fabrics that connect to computers and servers to provide shared pool of storages for different servers with different operating system, all the servers all around the network access to SAN storages like a local attach disk.

SAN manages and stores data in high speed and centralized place with ease of management. Security has always been highest priority in such networks for network administrators, working with information and sensitive data of their companies. These networks encounter different attacks and storages on their own do not have any security features. Another important element for implementing SAN is performance of the system. Knowledge about the key performance elements as well as advantages and disadvantages of this technology is crucial to comprehend the dynamics between security and performance. Knowing the vulnerabilities is one of the critical tasks for making storage systems secure, knowledge about security elements and solutions can help storage administrators to improve the level of security and reliability of a network. Security, performance and reliability make SAN as a good solution for storing data in a larger scale network.

Societal and Ethical Aspects of SAN Technology

This research investigates SAN from security (including safe storage) and performance perspectives. Especially the security issue is important for the society since it depends on the secure storage and communication of large amounts of data. The problem with the rapid growth of computer and communication technology and access to information is to guarantee that they their data are safe and secure from unauthorized access.

Problem 

This research analyses security and performance aspects of SAN technology, more specifically, the thesis addresses security risks, vulnerabilities, performance factors and solutions for improving security of SAN in relation to performance.


Research Goals

The main goal of this research is to find out the different security risks and attacks in SAN. Investigate methods that can improve security, compare between the security aspects, performances factors in different protocols that are used to implement the SAN such as iSCSI and FC, to find out which one is the most reliable and efficient in different scales of networks.

Research Questions

This research is aimed to answer the following questions:

 

-  What are the security vulnerabilities and possible attacks in SAN? 

-  What are the performance improvement methods in the implementation of SAN?

Storage Area Network (SAN)

The Storage Network Industry Association (SNIA) defines SAN as a network in which the main purpose is to transfer data between servers and storages. The network consists of several computers, servers and devices that are interconnected with each other; this infrastructure allows different computers to communicate with each other. The operation of each SAN consists of basic elements for communication, which manages the physical connections, management layers for organizing the available connections, computer system and storage devices for reliable and secure handling of data. SAN manage the data at the block level and thus not at the file level for keeping track of and allocating free space on disk to the data. SANs are used to make a high speed connection between storages and servers