On Wed, 2007-08-08 at 01:34 -0700, Richard L. Hamilton wrote:
> Insofar as a separate network with physical security is
> "good enough" for many sites, in cases where iSCSI could be used
> over a private and local network (distinct from other IP traffic),
> would that really be any worse than non-encrypted/non-integrity-protected
> Fibre Channel?
Getting physical security and physical separation like that correct all
the time is hard. It's easier to keep networks intended to be separate
actually separate if they don't speak the same protocol.
If I accidentally cross-connect an FC SAN with the Ethernet VLAN that's
the backbone of my untrusted wireless network ... nothing bad happens
because bits don't move.
Replace the FC SAN with an iSCSI-over-Ethernet SAN, and things get a
little more exciting.
(I won't name names, but I *have* seen cases where someone screwed up
while recabling a patch panel, cross-connecting an internal "secure"
network with an external-facing wireless network, despite the use of
color coded patch cords intended to make the separation obvious...)
So, two physically separate networks running the same protocol in the
clear have worse security than two physically separate networks running
inherently incompatible protocols.
- Bill
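An added example, not part of the thread and not any poster's words: a small Python audit that turns Bill's point into a detection check. It reads flow records (the key=value line format and the sample records are constructed for this example) and flags two things that a recabling mistake like the one described would produce: iSCSI traffic (TCP 3260, the IANA-registered iSCSI target port) seen on a VLAN that is not the designated storage VLAN, and a host from the storage subnet showing up on any other VLAN even without iSCSI traffic. The site policy it assumes (storage VLAN 200, storage subnet 10.20.0.0/24) is hypothetical and would be replaced by the real values.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Set, Tuple

ISCSI_PORT = 3260  # TCP port registered for iSCSI targets

# Constructed sample flow log (hypothetical key=value export format, not real data).
SAMPLE_FLOWS = """\
vlan=200 src=10.20.0.5 dst=10.20.0.10 dport=3260 proto=tcp
vlan=300 src=192.168.50.21 dst=192.168.50.1 dport=443 proto=tcp
vlan=300 src=192.168.50.22 dst=10.20.0.10 dport=3260 proto=tcp
vlan=200 src=10.20.0.6 dst=10.20.0.10 dport=3260 proto=tcp
vlan=300 src=10.20.0.7 dst=192.168.50.1 dport=53 proto=udp
"""

# Assumed site policy (hypothetical): VLAN 200 is the only storage VLAN and
# 10.20.0.0/24 is the only subnet that should ever appear on it.
STORAGE_VLANS: Set[int] = {200}
STORAGE_NETS = [ipaddress.ip_network("10.20.0.0/24")]

_FIELD = re.compile(r"(\w+)=(\S+)")


@dataclass(frozen=True)
class Flow:
    vlan: int
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    dport: int
    proto: str


def parse_flow(line: str) -> Flow:
    """Parse one key=value flow record into a Flow."""
    kv = dict(_FIELD.findall(line))
    return Flow(
        vlan=int(kv["vlan"]),
        src=ipaddress.ip_address(kv["src"]),
        dst=ipaddress.ip_address(kv["dst"]),
        dport=int(kv["dport"]),
        proto=kv["proto"].lower(),
    )


def _in_storage_net(addr: ipaddress.IPv4Address) -> bool:
    return any(addr in net for net in STORAGE_NETS)


def audit_flows(text: str, storage_vlans: Set[int] = STORAGE_VLANS) -> List[Tuple[str, Flow]]:
    """Return (finding, flow) pairs for flows that suggest a storage/untrusted cross-connect.

    Flows on a storage VLAN are expected and skipped. On any other VLAN:
      - TCP to the iSCSI port means block-storage traffic is reachable from
        a network that was never meant to carry it;
      - a storage-subnet address appearing at all means the segments are
        bridged, even if no iSCSI session has been attempted yet.
    """
    findings: List[Tuple[str, Flow]] = []
    for line in text.splitlines():
        if not line.strip():
            continue
        f = parse_flow(line)
        if f.vlan in storage_vlans:
            continue
        if f.proto == "tcp" and f.dport == ISCSI_PORT:
            findings.append(("iscsi-on-untrusted-vlan", f))
        elif _in_storage_net(f.src) or _in_storage_net(f.dst):
            findings.append(("storage-host-on-untrusted-vlan", f))
    return findings


if __name__ == "__main__":
    for kind, flow in audit_flows(SAMPLE_FLOWS):
        print(f"{kind}: vlan {flow.vlan} {flow.src} -> {flow.dst}:{flow.dport}/{flow.proto}")
```

Run against the constructed sample, the check reports the iSCSI session from VLAN 300 to the storage target and the storage-subnet host seen on VLAN 300; the two flows on VLAN 200 and the ordinary HTTPS flow produce nothing. The second rule is the one that matters for Bill's scenario: with FC the mis-patched port carries no IP frames at all, so with an Ethernet SAN the appearance of a storage-subnet address on the wrong VLAN is the earliest sign that the separation has been lost.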