Constructing Secure Storage Area Networks
by Todd Bundy - Director of Business Development and Alliances, ADVA Optical Networking - Wednesday, 13 September 2006.
Physical-layer intrusion detection, for example, is emerging as an important capability. Some WDM-enabled optical networking platforms can be programmed to take various immediate, automated actions per level of signal degradation. An inherent ability to shut down service to one data center, for example, without the delay of human intervention has proven to be a powerful tool for mitigating the damage of breaches – especially in industries such as finance where an enterprise’s infrastructure might be processing thousands of transactions per second.

In-flight data encryption is another emerging security mechanism, often deployed as an important last line of defense. Some enterprises have deployed carrier-class WDM platforms in tandem with recently released SAN VPN appliances that perform native SAN encryption via 3DES or AES (Data or Advanced Encryption Standard, respectively) at wire speed. A process similar to IPSec Tunnel Mode, this function encapsulates and encrypts an entire Fibre Channel frame as it enters or leaves the SAN. Conversion to IP is not required, so the process does not add latency delay for sophisticated, real-time SAN applications such as 1Gbit/s and 2Gbit/s Fibre Channel or Fiber Connection. This is critical because the challenge is to improve security without reducing the performance of the services carried across the SAN. The enterprise must be able to meet regulatory requirements and alleviate data-privacy concerns without imposing adverse operational impact on its SAN applications.

Conclusion

Though there have been several high-profile incidents of information theft over the last few years, most breaches have gone unreported. Regulatory trends suggest that enterprises in more and more industries will no longer be allowed to remain silent about compromises to their information assets. While healthcare, financial services, manufacturing and government entities have been the most eager adopters of multi-layered SAN security strategies, there is activity in other industries, such as airlines, pharmaceuticals, life sciences and education.

It is important to do all that can be done to shore up protection, because the risks of sitting still are considerable. Beyond inviting sometimes-stiff government penalties, an enterprise stands to severely damage customer confidence and loyalty if its infrastructure is shown to be vulnerable to data theft.

As the nature of security threats has evolved and matured, so have the security capabilities available for optical networks. Enterprises today are adopting increasingly sophisticated, multi-faceted SAN security strategies to keep in compliance with data-protection regulations and keep out of tomorrow’s negative headlines.

Spotlight

Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014.  |  Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //