Storage infrastructure requires defense in depth.


SAN infrastructures have prevailed on a large scale for good reason--they simplify storage scaling, data management and data access and provide for the implementation of central backup strategies. At the same time, they help keep the costs of the steadily growing storage capacities under control. Additionally, they make data accessible not only to internal and external employees but also to customers, suppliers and partners to support buying decisions and sales efforts. However, when this essential business data leaves the sealed-off area of the data center and becomes more easily accessible, it also may become a target for unauthorized access, theft and misuse.

Security strategies for storage networks must take precautions against unauthorized access from the outside, DoS attacks and internal attacks, which comprise 70% of all relevant cases. Moreover, the system must be configured to protect against unintentional changes. There is no universal solution. Security in storage networks can only be achieved by a strategy that is multi-layered and that meets company-specific requirements.

[ILLUSTRATION OMITTED]

Defense in Depth Strategies

Companies must deploy storage solutions that have the right security posture for the organization, enable a scalable architecture that will not have to be ripped out to deploy security, and remove traditional limits on business. The three most important components in an effective "defense in depth" strategy are people, operations and technologies. Each needs to be integrated into an extensive security strategy. If the administrative team isn't properly trained, technologies may be incorrectly deployed, nullifying their effectiveness, or the process may not be followed in a remote data center. Any of these would either weaken or remove key links in the armor protecting the IT infrastructure.

The defense in depth strategy is a layered architecture where different security technologies are deployed on top of each other to implement multiple lines of defense. The storage network security strategy should be built in parallel with a strong physical security implementation, a good network security posture, and a good server and application security posture. These include Single Sign-On support and integration, as well as processes and event logging procedures required to uncover the "chicken tracks" if a security event occurs.

Each part is essential. Any aspect of security in the storage network that is left open to attacks is a potential risk to the infrastructure. While security for networks and servers is well understood, security for storage is an emerging area that offers a challenge for compliance.

The key framework for compliance integrates regulations and corporate policies, which drive standards and practices. The port scanners in the network, which expose open ports on individual IP addresses and operating systems, have tools to scan their patch level to indicate which have not been updated. These are established operational practices where the types of vulnerabilities and threats are fairly well known, and the processes for remediation and compensating controls are well established.

Technical Side of Risk Mitigation

The primary focus of today's growing number of compliance regulations is ensuring the privacy, integrity and control of electronic records. There is less tolerance for irresponsible records management, whether intentional or accidental. Organizations are being held responsible for writing a policy regarding records management, retaining records in an unaltered state and preserving them for use by others for the foreseeable future.

Records management has added a new dimension to storage management. The storage system is responsible for improving record integrity and retention while assuring only authorized access. Enterprises must write storage network security standards and prove that they have consistently adhered to organizational policies and standards, prove that they can control and track the duplication of the records, show that these records are complete, and demonstrate that archives are tamper resistant.

The challenge with storage and the storage network is that records do not correlate well to SCSI commands, sectors on disks, LUNs, partitions, etc. Since a 10-terabyte database can contain 2 million e-mail records, all with different compliance requirements and impact on the business, it is best to create a trusted environment where sensitive and non-sensitive materials can be communicated.

Consolidating storage resources can facilitate compliance, because all the information is in one storage type and location, controlled by one team. It also enables an enterprise to reduce total cost of operations while moving data from an unstructured to a structured data format. For example, the data that resides on an executive's laptop can pose the greatest risk to the organization, as it isn't protected within the confines of a structured data security program. Similarly, much of an organization's critical information isn't stored centrally, backed up, tracked or reviewed for audit purposes. By contrast, records stored in a SAN leverage the benefits of residing in a structured data store, such as a database, that then can be managed based upon the type of records that they are.

Compliance is also paramount in terms of backup and recovery for business continuity purposes. For example, if an organization decides to replicate two data centers over distance using LAN/WAN technologies that run over IP, there are significant compliance challenges around what information can be sent over the IP infrastructure.

[ILLUSTRATION OMITTED]

A records management compliance methodology must begin with a trusted infrastructure for the solution to run on. For example, if a database has strong authorization and authentication technologies deployed, but anybody can make a copy of a disk via the SAN, then the information isn't secure. In order to create trusted infrastructures, companies must implement the proper application of processes, people, training and technologies to close all back doors to the essential corporate information.

Overall, it is essential that the following four key areas of technology and analysis be applied to the storage infrastructure:

* Review privacy laws that are in place to ensure that only authorized users get access to the storage network and that unauthorized people are unable to gain access to confidential records. Technologies and controls in the storage network for authorization and authentication are key to improving privacy, along with encryption of the right information in flight and at rest.

* Establish data integrity and provide documentation when items are changed (including details such as who made the changes) and track any other avenues to get at the data. Data integrity is essential as public corporations work diligently to validate their financial reports. And today, records may need to be retained in an unaltered form for many years.

* Establish and maintain adequate controls in the data center. Specifically, this includes IT processes for information assurance and the impact of those policies and requirements on the storage network, a policy for secure logging and incident handling, and auditing and validating the programs for adequacy, effectiveness, and efficiency.

* Weigh how much security is "good enough." There are many terms in the various mandates that touch on this idea, and the business impact is marked. Most mandates understand that there is a proper balance between investments and risks, and that a certain degree of risk is allowable in the storage network environment. The challenge is that there are no firm rules outlining what the right level of investment is.

To compound these, as mentioned before, there are around 10,000 rules and regulations that may impact a specific business. A key idea to keep in mind is that requirements and mandates in one industry may become guiding principles in the next. This means that the practices outlined in one industry may be adopted by another industry (your compliance team and compliance consultants can provide examples).

The Focus on Security in the Data Center

Companies can improve security in the data center for the storage network through a three-step process: an audit/review, creation of a storage security standard, and implementation/installation of a security solution. Consider, for example, a data center infrastructure in a tiered model, where business operations sit at the top of the solution and where different divisions, groups or departments are running operations with the applications deployed in the data center. The applications inside the data center come from various vendors including Peoplesoft, Oracle, SAP, Exchange, etc., and provide the processing of the information that is stored in the storage network. Both of these layers focus on records in a database (whether they're individual e-mails or consumer transactions).

Each of these applications resides on, and assumes that it is running on, a trusted infrastructure. A solid security solution focuses on creating a trusted infrastructure that covers all aspects of the storage network, including the Fibre Channel communications, iSCSI, SAN Routing, and LAN/WAN protocols and connectivity solutions used. It also addresses the out-of-band management aspects of the storage network, as they are central to security in the storage network. NAS, as it attaches to the storage network for centralized storage, is also a piece of the solution. Storage arrays, HBAs, appliances and other devices that participate in the storage network also need to be integrated.

"What-If" and Gap Analyses

In order to improve security in the data center for the storage network, a company should begin with a review of the infrastructure in its current configuration, as well as its target configuration, as the storage network is built out. It includes a comprehensive "what-if" analysis that foot-prints the infrastructure and applies a threat model to it to derive a report on the gaps in the network. The "what if" analysis is essential in order to uncover the opportunities that a hacker may try to exploit.

The "what if" analysis also examines the level of training of the people in the environment, the workflow and processes already employed, how well the processes are followed, and the parts of the solution that must be formalized and documented.

Planning to Address Gaps and Build a Roadmap for a Storage Security Standard

Once the risks have been ranked and documented, the next step is to provide an architecture that includes processes, technologies and compensating controls to improve the security posture of the organization. This is a critical step since (per the McData End User Security Webinar) 84% of organizations do not have a documented storage security standard. The gold architecture for each organization will vary, as some technologies will be seen as a "must implement" in some environments and optional in others.

[ILLUSTRATION OMITTED]

Again, people and process are the key aspects of security. The storage security standard needs to have processes defined and documented for workflow, deviation, change control and validation. Everything needs to be written down and documented. "If it wasn't documented, it didn't happen" is the doctrine to follow in this environment.

Training standards are also essential so that the team understands how the technologies in the data center work, how to configure the system correctly and as intended, and how to minimize the risk of accidental misconfigurations.

Finally, it is essential to implement a good set of compensating controls to ensure that there is always a backup plan to address a vulnerability that may impact operations. If a security fix cannot be implemented in a reasonable amount of time, then another layer or type of security would need to be installed either temporarily until the vulnerability is fixed or permanently.

A Plan to Improve the Organization's Security Posture

A plan or strategy is only as good as its execution. Once changes are identified, mitigation schemes must be implemented almost immediately. Specifically, if technology is not feasible to fix one set of vulnerabilities, it is up to the organization to then execute compensating controls. Storage networking vendors can be key enablers by helping enterprises respond to security gaps as quickly as possible or by suggesting compensating controls to minimize risks.

Training and assessments should be conducted on a regular basis to ensure that the organization is managing with current information and that everything is implemented as effectively as possible.

Monitoring and Control

Once a strong security posture is established in the enterprise storage environment, the security solution must help the organization remain in that secure posture. Reporting tools and software-enforced standards and policies are essential in the security methodology. Event notification, extensive logging and reporting (to show the "chicken tracks" when a security event occurs), and security administration are essential pieces of the solution. This ongoing monitoring and control of the environment shows when updates were made, how fast they were made and indicates items that may be out of policy.

This step includes reviewing and updating the security information with any new threats, processes, controls or preferred practices that have come to light. Regular updates and training to the current state of the art in storage security are essential, especially in an emerging area of security such as storage networks.

Conclusion

The best security solutions for storage networks are implemented in layers for one simple reason: if one is breached, the next one can stop the intrusion. Like a bank that has locks on the doors, restricted areas and locks on the safe, an enterprise's data should be protected with a layered security solution leveraging the right technology at each layer.

Security is not a point product, but an evolution in features and functionality as the storage network evolves. As companies extend their storage networks to FICON, iSCSI and FCIP, new threats will arise. Enterprises must understand these and deploy adequate policies, architectures and products to assure the security of their essential data. Security inside the data center is also an essential component of any security policy.

It is essential to implement the right levels of security that are not overly complex and that don't hinder performance. These security techniques must leverage technologies such as authentication, authorization, accounting, DoS attack resistance, encryption, intrusion detection tools and secure administration. These techniques must be implemented in the right places with open, standards-based techniques.

www.mcdata.com

Brandon Hoff is a security business manager at McDATA Corporation (Broomfield, CO)
COPYRIGHT 2004 West World Productions, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2004, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Title Annotation:Disaster Recovery & Backup/Restore
Author:Hoff, Brandon
Publication:Computer Technology Review
Geographic Code:1USA
Date:Jul 1, 2004
Words:2296