An effective storage management solution must consider the role of security in ensuring network and data integrity. Open systems storage has evolved over many years prior to the advent of storage area networks (SANs). Originally, it was designed to work with direct-attached storage. By preventing access to the administrative practices on the server or to the server box itself, you could prevent access to the server-owned storage resources of disk and tape. Unfortunately, some of the assumptions made for software that worked in direct-attached storage are not valid for SANs. Furthermore, unless properly planned for and managed by your storage management solution, holes exist in your SAN security practices that can threaten data integrity and system availability.
This white paper outlines security practices for an effective storage management solution, including storage array volume access control, volume access control on the host, device configuration access control, management software access, and proactive detection and notification of access violations, auditing and logging. (June 2002)