

D@TA Protection and the Linux Environment
New and innovative techniques


There are third-party products that provide SAN authentication and a standard protocol is in the works. The Fibre Channel Authentication Protocol, or FCAP, is one initiative trying to address this problem in Fibre Channel networks.

iSCSI presents a different set of security issues for system administrators trying to protect their data. The good news is that since iSCSI implements a Storage Area Network over IP, all the usual IP security protocols apply - including SSL and IPSec. IP authentication also applies - including CHAP and Kerberos. Storage systems then are protected by the same mechanisms as the network but are vulnerable to the same security flaws. A more important issue is the level of authentication that iSCSI devices work on. Right now, iSCSI authentication is host-based. That means, once again, that anyone who gains access to a trusted server has access to the storage resources and the data on them.

The root of all of these security issues is SCSI itself. Unlike IP, SCSI wasn't originally conceived of as a network protocol. We have stretched and modified the SCSI specification to fit a network model but it has inherent flaws as a network protocol. At the end of the day, anyone who can issue SCSI commands to a storage device can damage the data on that device. That's another reason why host-level authentication isn't enough. If a process can get access to the SCSI adapter, there's nothing to stop it from sending damaging commands to the storage controller. It's a low-level protocol that sits below the application layer and is capable of deleting and overwriting storage data on any medium.

It's important that system administrators take as much time securing their storage systems as they do networks, servers, and applications.

LWM: How does policy-based data management play into an organization's data protection strategy?

TP: Policy-based data management, especially DLM, addresses two issues with data protection - complexity and cost.

As data protection needs grow, they often become more complex. Complexity leads to mistakes that can be devastating. Simply trying to keep track of all the data protection assets and processes becomes daunting. Policy-based data protection policies help to unify best practices into a set of rules. These rules in turn provide an easy-to-follow set of steps that ensure that mistakes don't happen.

Cost is another issue that policy-based data protection tackles. We often apply the same level of data protection to all data regardless of its worth to the organization. Expensive resources are consumed for relatively unimportant data. By examining what data is worth, appropriate resources can be allocated to protecting it. Instead of running out of expensive high-availability resources, much of an organization's data can be protected more modestly.

For example, if the policy states that all customer service e-mails over one year old aren't all that valuable anymore, they can be moved to less-expensive resources. E-mails younger than that may be kept on an expensive high-availability (HA) Fibre Channel array, backed up with a disk-to-disk system. We want to keep this data available and safe. Once they've aged past a year, we don't care as much so we put them on a Serial ATA array with fewer HA features. We write them out to CD-ROMs and cease to back them up anymore. Finally, when they get really old (say in three years) we scrub them from the disk system altogether and keep the CDs as an archive.

Policy-based data protection practices enable this kind of multi-tier environment. As data loses value, it's moved to less-expensive resources. In turn, space is freed up on the more expensive resources such as the HA disk-to-disk backup system. This keeps costs in check and you don't waste money on resources that are just not all that important anymore.

Most major storage vendors have products that automate the data movement process. The hard part is designing the policies. Policy development is time-consuming and disruptive. Ultimately it pays off but you have to have faith in the process.

LWM: What about information lifecycle management? How does that affect data protection?

TP: As Emeril Lagasse might say, here we kick it up a notch. Information lifecycle management (ILM) looks at the information, not just the data. There's a difference. Data refers to the raw structures of a computer such as files, volumes, disks, and devices. Information is independent of that. It has context based on metadata (data that describes other data) and content. It's the difference between a word processing file and a letter to a customer. The first is data; the second is information.

By knowing what information the data represents, we can make better decisions about what to protect and how to protect it. So, we might want to protect only customer e-mails associated with orders. An e-mail that was a simple inquiry will have less value, and we'll treat it as such. Spam will have no value (or maybe even negative value) and we'll actively delete it rather than protect it. By basing our decisions on the information itself, not the data used to represent it, we can make better decisions.

This brings us to the idea of classification. The only efficient way to make decisions about information is to divide it into classes and apply rules to those classes. This is hard to do with unstructured data such as files. Structured data stores, such as databases, naturally have a context provided for them in the form of schemes. Each piece of information is labeled and can be classified through rules, typically queries.

Not so with unstructured data. Sure, you can tell that something is an OpenOffice.org Writer document from its header. What you can't tell is what the document is about. Is it the report I have to deliver to the board of directors or something for my son's Boy Scout troop? This is important to data protection because the former clearly has more value. I lose the report and I've lost weeks of work, and perhaps the work of many other people as well. The board will be very disappointed with me. I lose the Scout file and the impact on my life is less. I want to protect the report much more than the Scout file.

There are only two ways to do that.

First, protect everything as if it's the most important information in the world. That's very expensive.

Otherwise, make decisions as to what is worth protecting and to what extent. Remember, the resources that you put into protecting information translate into money. What's it worth to protect one piece of information versus another? That's the question that information lifecycle management helps to answer. Keep in mind that value changes over time so decisions have to be made regularly as to whether or not the right resources are being used to protect the information. The ILM process requires that you design rules for each class of information at different stages in its lifecycle. Part of that rule set has to be data protection rules.

LWM: How is Linux involved in data protection?

TP: There are two ways that Linux pops up in regards to data protection. One is on the product side. It's one of the most popular platforms in use in data storage and data protection systems. Storage systems used to be fairly simple. When all you wanted to do was provide an interface to the storage devices and maybe RAID, you could write your own embedded executive pretty easily.

Now that storage systems are highly complex, feature-rich products, a better underlying operating system is necessary. Linux provides the environment that enables many of the advanced functions that data protection relies on. Unlike some other embedded operating systems, Linux gives developers the control they want and marketers the licensing conducive to a high-volume business. There's a downside though. Proprietary operating systems and executives rarely have the security issues that more common operating systems do. Even when there's a threat, few people are trying to exploit it. That's not always the case - take a look at the security issues that have hit Cisco IOS lately - but the threat is still higher with a common OS.

Despite that, Linux is an excellent platform for data protection products. Besides the many programmers who understand it well, the ability to program at a kernel and source code level lets you do things that would be difficult otherwise.

The other place that Linux intersects with data protection is in the data center. Linux has established itself as a viable server operating system. Linux-based systems now serve up mission-critical data that has to be protected. That means that Linux users have to worry about data protection issues the same way Microsoft Windows Server and Unix users do.

LWM: What are some of the issues that enterprise Linux users have with data protection?

TP: The biggest data protection issue for Linux users is the lack of support for Linux itself. Most major software and hardware companies support Linux in some fashion but that support is pretty limited to Red Hat and SuSE. This can be a problem if you're wed to another distribution. The exception is Altix from SGI and only because SGI has some great tools designed especially for Altix.



About Ibrahim Haddad
Dr. Ibrahim Haddad is Director of Technology in the Software Operations Group at Motorola Inc. focusing on embedded and open source technologies and roadmaps.

SYS-CON Belgium News Desk wrote: Organizations that gather and store critical information have to protect it. While there are tried and true techniques for data protection, there are also new and innovative ones. These new practices and tools greatly enhance an organization's ability to protect mission-critical data. Linux and Open Source users are specially challenged when trying to take advantage of much of this new technology.