What is FCPAP (Fibre Channel Password Authentication Protocol)?
FCPAP (Fibre Channel Password Authentication Protocol) is an optional password based
authentication and key exchange protocol which is utilized in Fibre Channel Storage Area
Networks (SANs). FCPAP is used to mutually authenticate Fibre Channel ports to each other.
This includes E_Port's, N_Port's, and Domain Controllers.
What is iSCSI and basically how does it work?
iSCSI stands for internet SCSI, or
internet Small Computer Systems Interface.
iSCSI is the transmission of SCSI commands
and data over IP networks.
When an application attempts to read from
an iSCSI device, the SCSI read command is encapsulated
inside an IP packet. The IP packet is then routed just like
any other IP packet on the network. When the IP packet
reaches its destination, the encapsulation is stripped off
and the SCSI read command is interpreted by the iSCSI drive.
What is mirroring?
Mirroring is the automated process of writing data to two drives simultaneously. Mirroring is used
to provide redundancy. If one drive fails, the redundant drive will continue to store the data and
provide access to it. The failed drive can then be replaced and the drive set can be re-mirrored.
What is LUN masking?
LUN (Logical Unit Number) Masking is an authorization process that makes a LUN available to
some hosts and unavailable to other hosts. LUN Masking is implemented primarily at the HBA
(Host Bus Adapter) level. LUN Masking implemented at this level is vulnerable to any attack that
compromises the HBA. Some storage controllers also support LUN Masking. LUN Masking is
important because Windows based servers attempt to write volume labels to all available LUN's.
This can render the LUN's unusable by other operating systems and can result in data loss.
What is the difference between hard and soft zoning?
Hard zoning is zoning which is implemented in hardware. Soft zoning is zoning which is
implemented in software.
Hard zoning physically blocks access to a zone from any device outside of the zone.
Soft zoning uses filtering implemented in fibre channel switches to prevent ports from being seen
from outside of their assigned zones. The security vulnerability in soft zoning is that the ports are
still accessible if the user in another zone correctly guesses the fibre channel address.
Back to Article List