On Wed, Mar 29, 2000 at 04:31:18PM -0600, [EMAIL PROTECTED] wrote:
> He wants to upgrade the external systems (one ftp and three http)
> and use a storage-area network (SAN) for the data storage. My
> instincts say this is way too complex for the external systems. I
> also don't like the idea of one 'owned' system gaining access to the
> other three systems data.
I think it depends on the Technology used. Network attached Storage is used
with Network File Systems, therefore your bad feeling about the System might
be correct (well, if the file server on the NAS System can give ACLs based
on Hosts and if the Hosts are attached so that the NAS Server can actually
notice (for example each server on its own LAN Port) then it needs 2 Bugs to
get to the shared data of other servers (one bug in a application/web server
and one bug in the Network filesystem).
SAN Networks are usually more "hardware separated". You attach multiple
serbers with High-Speed Interfaces to controllers in the SAN. The SAN does
partitioning on Hardware level... still not 100% secure, but quite safe
IMHO... the Question is if there is a good reason for doing this...
Greetings
Bernd
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
