iSCSI
A smooth startup
Automate your infrastructure and data management with iSCSI.
iSCSI, (Internet Small Computer System Interface), is an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. It can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval.
iSCSI enables improvements in the economics, operating distance, and manageability of storage networks. It also leverages the security capabilities of IP networks.
Benefits
Cost
Achieve a lower total cost of ownership (TCO) than Fibre Channel. Depending on application demands, Ethernet SANs can leverage existing network infrastructures. Although the initial cost of adapters may be comparable to that of FC host bus adapters, eventual industrywide acceptance and volume production are expected to result in a lower price for iSCSI adapters.
Operating Distance
It is possible for an iSCSI-based network to economically span great distances using commonly available WANs. Longer operating distances will allow customers to mirror and archive data at remote sites for disaster protection.
Manageability
Using bridging products, iSCSI allows customers to present SAN capacity over an IP network. It can use some existing IP-based network management software. Note that devices will require storage management tools.
Security
IP networks have a well-defined security infrastructure (encryption and authentication) that makes iSCSI viable for remote back up and disaster recovery applications. Fibre Channel networks are primarily protected with physical security.
Encryption
A transfer can optionally encrypt each packet, ensuring security until the packet is decrypted by the receiver. A set of protocols called IPSEC (developed by the IETF) describes two encryption modes: transport and tunnel. Transport mode encrypts only the data portion (payload) of each packet, but leaves the header untouched. Tunnel mode encrypts both the header and the payload for increased security.
Authentication
iSCSI has provisions to mutually authenticate servers with storage at login. iSCSI uses the Challenge Handshake Authentication Protocol with Diffie-Hellman key protocol (DH CHAP). IPSEC can also provide further protection with per packet authentication.