• Home
• Articles Archive
• Features List

• Media Pack
• Contact Us
• Subscribe

AVOIDING CONNECTIVITY MELTDOWN

From STORAGE Magazine Vol 6, Issue 3 - April 2006

How do you safeguard your data in this age of advanced connectivity? The potential harm involved when getting it wrong is multiplied across most businesses by the high degree of connectivity that a modern storage infrastructure demands. We pinpoint the best strategies for avoiding a connectivity disaster

As networks have grown, both in size and complexity, security problems have become more prevalent and the risks involved in using a network become higher. Network Attached Storage (NAS) and Storage Area Network (SAN) technology have had a similar effect on storage. Storage devices are now experiencing many of the problems other network devices do. Servers can now potentially access hundreds, or even thousands, of storage devices and corrupt data on a scale not previously witnessed.

Businesses find themselves storing ever more data and migrating to networked storage - which has opened up a whole new debate around issues concerning security. However, Eric Schott, director of product management at EqualLogic, is quick to reassure businesses that these risks can be managed.

"Many first-time SAN buyers - particularly in the SME sector - have raised concerns about the risk of moving their data to networked storage (SAN and NAS). The perception is that connecting additional devices to the network effectively multiplies the risk of corrupted data, viruses and other security concerns.

"Cost is another issue," Schott points out. "Traditional Fibre Channel SANs have been too costly and complex for most SMEs to deploy. As a result, some organisations have been reluctant to migrate away from direct-attached storage (DAS), shunning the networked storage model altogether.

"The advent of iSCSI SAN, however, has vastly reduced the complexity - and the cost - of networked storage, whilst also providing a far more secure environment than many realise.

SCSI, which runs on the TCP/IP protocol that forms the basis of virtually every corporate network, is the only storage networking protocol to include built-in security features, he adds: authentication, authorisation and encryption. This means administrators tightly control access privileges from a single location, effectively restricting the impact of any security breaches. "For example, a mail server will only have access to email storage, whilst a CRM application will be restricted to its own dataset, even if the two datasets live on the same storage array.

"Additionally, iSCSI SANs leverage IT managers' existing understanding of IP and how to keep entire networks secure from intrusion. IP is familiar technology to administrators and they are well versed in managing IP security risks, such as configuring router-level security features and managing firewalls. Provided they use the well-proven IP security methods to segregate and control access to their SAN, organisations can safeguard their data, while avoiding unnecessary complexity and costs."

Strategy rethink
According to Charles Eischen, product marketing manager, AMCC, iSCSI block storage appliances are making in-roads into traditional SAN environments. "Their emergence will offer IT managers real alternatives to expensive and complex fibre channel SAN solutions," he argues. "NAS suppliers may begin to rethink their product strategies and offer convergent software solutions that would combine the benefits of block storage (virtualised raw storage blocks) with more traditional file-based fibre channel NAS solutions.”

The convergence of these two storage technologies is sometimes referred to as 'block storage behind a NAS head'.

Performance trade-offs between iSCSI and fibre channel still exist, he agrees, but can be offset by expansion, ease-of-use and value considerations. Additionally, many value-add solutions that comple- ment and enhance iSCSI and NAS products offset these trade-offs and are available today.

"Block storage devices expose raw blocks of storage that an operating system will recognise as a virtual device [in exactly the same manner as a local hard drive]," Eischen points out. "The OS will format the block storage to allow file-sharing across operating systems. This can be a cumbersome and complex operation, as block storage logical units require some level of advance zoning to prohibit certain operating systems from grabbing all available storage.

"NAS storage is easy to set up. It can by directly attached to existing ethernet network infrastructures, with minimal configuration. NAS software finds and shares files with any supported operating system, in much the same way that you access and use files on your desktop.

NAS software is either based on the Windows Storage Server or other NAS software offered by many NAS storage start-ups. On a larger scale, complete
NAS offerings are provided by the blue-chip storage companies, including NetAPP, EMC and IBM.”

The blending of NAS and iSCSI technologies promises significant benefits to a broad range of end users, from under-budgeted IT shops to enterprise workgroups. It offers a serious alternative to traditional fibre channel SANs.

"The real benefit is that you can enjoy the flexibility of block storage, whereby storage is divided and allocated to applications that have specific capacity/performance requirements," adds Eischen, "and at the same time benefit from the easy- to-use automatic file capabilities of a NAS appliance or NAS head."

Global challenges
With people working from numerous branch offices, across multiple geographies and from their homes, ensuring that all the data held remotely is managed, stored, replicated and accessible according to company policy and external regulations is a major challenge for organisations.

"Already some vendors are offering solutions that enable back-up from remote sites - so at least legislation can be complied with," says Robin Pilcher, director, EMEA marketing, McDATA. "However, this is only a very small part of what businesses trying to link up to their remote sites actually want to achieve.
"Given the choice, where would companies choose to put their data? The answer every time is in the data centre. After all, that is where they already have the systems, proven processes and the data management disciplines to consolidate, optimise and protect their No. 1 corporate asset - data. "

Data storage technologies no longer need to be held at each remote site, he argues - the data can now be held centrally and still accessed from any remote site, at LAN speed, no matter how remote that might be. "This is what the McDATA Remote Office Consolidation (ROC) solution offers. ROC provides a complete set of products and services that help customers consolidate, optimise and protect remote office applications and data assets.

"It is easy to see how moving the data, storage, servers and applications to the data centre and then enabling remote sites to have access to the centralised SAN, in real-time, offers considerable cost savings through consolidation, better data utilisation and protection, and improved compliance management and enforcement."

According to Pilcher, remote office consolidation is about helping the customer to implement such a strategy. The return on investment for a remote office consolidation is very fast, but data and application migration back to the centre, server and storage consolidation, and backup and recovery procedures all require careful planning and execution.

"For the first time, the SAN can truly be 'enterprise wide', wherever that enterprise's remote sites are located.

“Centralising data from these remote sites is a trend that will continue to be at the forefront of every company's data management concerns,” he concludes, “meaning it will be less of a remote chance and more an unquestionable opportunity for the industry." ST