Securing Networked Storage using Defense in Depth

In this paper, I will discuss security vulnerabilities in networked storage solutions and methods to identify and mitigate risk associated with the vulnerabilities. I will begin with an overview of the evolution of storage from Direct Attached Storage (DAS) to two dominant networked storage solutions - file-based Networked Attached Storage (NAS) and block-based Storage Area Networks (SAN). I will discuss security exposures within each solution and the applicability of 'defense in depth' techniques to address security issues in networked storage. Since networked storage is in constant evolution I will conclude with an overview of emerging trends in storage security.