• Secure protocols support strong authentication and encryption
• Consider security of IP data paths:
– Firewalls and intrusion detection devices – VLANs and VPNs
• Enable logging of accesses and configuration changes
As SAN security becomes increasingly recognized as a concern, more vendors are starting to introduce support for secure management protocols that support strong (not clear-text) authentication and encryption:
• Simple Network Management Protocol (SNMP) v3 instead of SNMPv2
• Secure Sockets Layer (SSL) instead of HTTP • Secure Shell (SSH) instead of Telnet
It is also important to ensure that appropriate security measures are implemented on all IP data paths. This includes:
• Firewalls and intrusion detection devices • VLANs and VPNs