
Security in a Brocade SAN I – SCC, DCC and AUTH Policies

In the administration of a Fibre Channel storage network, switch (or fabric) zoning and LUN masking on the storage array are, more than preventive security measures, routine practice in everyday storage provisioning. In addition, further levels of security can be added to the SAN with features provided by Fibre Channel switch vendors. Examples for Brocade technology are the policies that control connections between switches (Switch Connection Control, SCC) and connections from devices (Device Connection Control, DCC). What these policies let us do is restrict which switches and devices may connect to the fabric.

SCC – Protects against unexpected connections between switches: every time an inter-switch link (ISL) is attempted, it is checked against a list of switches defined by the policy.

DCC – Protects against unexpected connections between devices (server HBAs, tape libraries, drives, VTLs, storage arrays) and switches: every time a Fibre Channel device attempts to connect, it is checked against a list of devices defined by the policy.

Applying these policies can be worthwhile in many cases: for example, if fibre patching and its changes are outside the control of the SAN administration staff, if you want to minimize human error, or if you want to prevent an unwanted access attempt by a host or a traffic analyzer, and so on.

Because the SAN is isolated, with no external access from other networks, it is considered secure and apparently needs no special protection measures. But if someone obtains the administrator password of one of the servers connected to the SAN, they can install modified HBA drivers (or not even that) to carry out a hacking practice known as "WWN spoofing": changing a server's HBA to present the WWN of another HBA, which gives it access to the storage resource … and to its data. Remember that the aim of hacking may be to steal, corrupt or destroy the company's core information. And … would DCC prevent this? Yes, since it is an application of "port locking" (or "port binding"), that is, the association of a port with a WWN.

To add a higher level of security, authentication protocols such as DH-CHAP can be used. DH-CHAP belongs to the FC-SP (Fibre Channel Security Protocols) family defined by T11 and, by means of key pairs associated with WWNs, ensures that connections are negotiated securely. Besides "WWN spoofing" there are other hacking techniques in the fabric, such as "S_ID spoofing" and the "M-I-T-M attack", where applying FC-SP protocols is effective in avoiding any risk of intrusion.

For Brocade technology there is the AUTH policy, which implements authentication between switches and devices through DH-CHAP / FCAP.

Other points to review are the password management policies on the servers that have access to the SAN. In large companies there are usually many non-production servers with SAN access whose administrator password policies tend not to be secure. These servers may also sit outside the restrictive perimeter security policies imposed on the production environment and, as one can imagine, they put the storage at serious risk.

To control this type of attack it is also worth monitoring connections and disconnections in the fabric, unexpected server reboots and duplicate WWNs, and having documented procedures for the corresponding actions so that an intrusion is identified and isolated as quickly as possible. There are many other security-related topics, such as virtual fabrics, NPIV, management interfaces and fabric-wide policy distribution, that are well worth reviewing.
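The port-to-WWN binding that DCC enforces and the duplicate-WWN monitoring suggested above can be sketched as follows. This is an added example, not code from the original post or from Brocade; the event tuple format, the `audit_logins` function and all WWNs, switch names and ports are constructed assumptions.

```python
# Added example: DCC-style port binding check plus duplicate-WWN detection.
# The event format and every WWN/port below are constructed for illustration.
import re

WWN_RE = re.compile(r"^([0-9a-f]{2}:){7}[0-9a-f]{2}$")

def normalize_wwn(wwn):
    """Lower-case a WWN and validate the xx:xx:xx:xx:xx:xx:xx:xx form."""
    wwn = wwn.strip().lower()
    if not WWN_RE.match(wwn):
        raise ValueError(f"malformed WWN: {wwn!r}")
    return wwn

def audit_logins(bindings, events):
    """bindings: {(switch, port): set of allowed WWNs} (hypothetical allow list).
    events: iterable of (switch, port, wwn, action), action 'login' or 'logout'.
    Returns a list of (kind, wwn, location) findings."""
    allowed = {loc: {normalize_wwn(w) for w in wwns} for loc, wwns in bindings.items()}
    active = {}  # wwn -> location where it is currently logged in
    findings = []
    for switch, port, wwn, action in events:
        wwn, loc = normalize_wwn(wwn), (switch, port)
        if action == "logout":
            if active.get(wwn) == loc:
                del active[wwn]
            continue
        # Port binding: the WWN must be on the allow list of this exact port.
        if wwn not in allowed.get(loc, set()):
            findings.append(("unbound_wwn", wwn, loc))
        # Same WWN still logged in elsewhere: duplicate, possible spoofing.
        if wwn in active and active[wwn] != loc:
            findings.append(("duplicate_wwn", wwn, loc))
        else:
            active[wwn] = loc
    return findings

# Constructed sample data (not taken from a real fabric).
BINDINGS = {
    ("sw1", 4): {"10:00:00:00:c9:aa:bb:01"},
    ("sw1", 5): {"10:00:00:00:c9:aa:bb:02"},
}
EVENTS = [
    ("sw1", 4, "10:00:00:00:C9:AA:BB:01", "login"),  # legitimate HBA
    ("sw1", 5, "10:00:00:00:c9:aa:bb:01", "login"),  # same WWN on another port
    ("sw1", 5, "10:00:00:00:c9:aa:bb:02", "login"),  # legitimate HBA
]

if __name__ == "__main__":
    for finding in audit_logins(BINDINGS, EVENTS):
        print(finding)
```

The second event produces both findings: the WWN is not bound to port 5, and it is still logged in on port 4.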

Is your SAN secure? And … are you prepared for an intrusion?
