Designing Storage Area Networks: A Practical Reference for Implementing Fibre Channel and IP SANs (2nd Edition)

The proliferation of SANs into mainstream IT networking enables storage to become a common utility ubiquitous, uniformly accessible, on demand, and highly reliable. As articulated by Compaq's original Enterprise Network Storage Architecture (ENSA), a storage utility is a single storage repository of global extent that leverages open standards to provide any-to-any connectivity between servers and storage. Combined with management and monitoring tools, ubiquitous access to storage capacity simplifies data management and more closely aligns applications to their storage requirements.

Whereas the ENSA model was formulated for enterprise networks, mainstream SANs extend the storage utility concept to the broad IT marketplace. Like a large enterprise, a small health clinic, for example, has the same requirements for ready access to client information, transaction history, a database of technical information, inventory, scheduling, and so on, and needs reliable archiving and restoration of vital data in the event of system failure. Access to business-critical information should not require knowledge of the underlying storage infrastructure nor special skills to maintain or expand storage capacity. Analogous to Internet access, a storage utility should be as simple as making a connection and letting the network infrastructure itself determine optimum routes, formatting, and presentation of information as required by the upper-layer application. The storage utility thus assumes rigorous standards compliance to simplify connectivity between disparate storage resources, automation of policies to determine appropriate storage methods and redundancy requirements, and intelligence in the storage network to proactively respond to potential disruption or failures on the back end.

As storage becomes a readily accessible utility, it also becomes vulnerable to intrusion. The physical isolation of today's SANs behind the locked doors of data centers offers only a castle and moat model for security. For a storage utility to be viable, more sophisticated security mechanisms are required. The iSCSI standard, for example, mandates IPSec for end-to-end device authentication and data encryption. The iSNS protocol enables secure discovery and authorized connectivity for iSCSI and Fibre Channel devices attached to gateways on IP networks. Third-party products are also appearing in the market to provide data encryption for Fibre Channel transports and encryption of data to disk. These security initiatives are an essential complement to the storage utility model.

Ubiquitous access to storage data facilitates information generation and exchange. It does not, unfortunately, govern the quality of that information. Just as the Internet is the home to both scientific data and pornography, a storage utility can streamline data transport and management but cannot ensure that storage resources are used beneficially. As with any commonly available technology, the rich functionality it provides and what people actually do with it are two different things.

Категории