The following text is copyright 2002 by Network World, permission is hearby given for reproduction, as long as attribution is given and this notice is included.

 

Crustacean security

 

By Scott Bradner

 

Three of the four cover stories of the January 21st issue of Network World were about security and the fourth mentioned security in the 2nd paragraph. Two of the stores focused on the difficulties with using the IETF's IPSec technology. But I seem to detect a common, and to me, dangerous thread hidden under some of the comments reported in the articles.

 

The first story that caught my eye has the headline "Debate flares over IP storage security."   The story talked about the cost in performance and dollars of including encryption in storage devices and quoted people who think there are other ways to get a secure system.  The major suggestion here is the same as the suggestion implied in one of the other cover stories on "easier VPNs."  This suggestion assumes that you can wall off some part of the net with a firewall of one kind or another and only protect communications outside of the firewall.  Far too much of the security thinking in the corporate world is based on this crustacean model -- hard on the outside and soft and vulnerable inside. 

 

There are three basic problems with the crustacean security model; people, penetration, and perfection.  Most studies over the years have shown that many if not most violations of network or computer security have been perpetrated or assisted by people inside the organization with legitimate access to the network.  Specifically, firewalls do not protect against the people already inside the wall.  In addition, all too frequently ways have been setup to penetrate or bypass the firewall for what seems like legitimate reasons such as installing a dial-up modem to access a special server from home.  Finally, unless the firewall software is perfect and perfectly setup, holes will be found. Too often this means the corporate jewels are lying around for the picking.

 

But the case of IP-based storage points out a somewhat different issue.  The article rightly points out that security has not been a real concern in fiber channel (FC) -based storage networks because they are physically separate networks with few hosts on them.  Some people seem to think that IP-based storage can be constrained in the same way.  I think that is, at best, wishful thinking.  One of the basic results of putting an application on IP is that you are no longer restricted as to where it can be used.  FC attached storage can only be used on the local FC network but an IP attached storage device can, and will be, used from anywhere on the IP networking world.  Putting storage on IP means that there is no way for a storage device to know what type of environment it is running in and so it has to be ready to deal with the case of a network with open access from the Internet -- i.e. you need full security.  If you don't want to deal with that reality then you should stick to FC.

 

disclaimer:  Reality? Harvard? In any case, the above are my own observations.