How do you implement security in Storage area networks?
LUN Masking:
--> LUN Masking is a method of controlling access to LUNs (Logical Unit Numbers) at the storage system/Storage Array.
--> It is used to restrict access to specific LUNs for a particular host or group of hosts.
--> LUN masking provides a granular level of control, allowing administrators to grant or restrict access on a per-LUN basis to the physical servers or ESXI hosts.
--> No need to do any configuration on Fabric SAN Switches
Zoning:
--> Zoning is used to control access to Fibre Channel (FC) ports at the fabric level.
--> It is used to create a logical grouping of devices that can communicate with each other.
--> Devices within the same zone can communicate with each other, while communication between devices in different zones is restricted
--> Zoning can be implemented as hard zoning or soft zoning
--> Zoning configuration is done on the Fabric SAN Switches
In summary, while both LUN Masking and Zoning are important methods for controlling access to storage resources and improving security in Storage Area Networks, they serve different purposes and operate at different levels in the storage network.
0 comments:
Post a Comment