Solved

SCSI switchbox ?

Posted on 2002-04-10
18
219 Views
Last Modified: 2008-02-01
Hi,

I have 2 computers with 1 backup tape and I want they will share the same casset on the same tape but
network connection is not an option.

do you know hardware like scsi switchbox so I could switch between the two computers but they won't be relly connected each other?

(actually, a backup robot do that but it is out of badget)

Thanks, Tom
0
Comment
Question by:TomDromi
  • 9
  • 6
  • 3
18 Comments
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
Yes, there are SCSI manual Switchboxes for sell.
They work just like a printer or video switch.
Make sure you terminate your chain and you might have to
power down before you switch on some. Depends on your
particular situation.
0
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
I see them at my local electronics/surplus store.
Are you using any deferential or LVD devices on your
external chain?
0
 
LVL 13

Expert Comment

by:magarity
Comment Utility
I'm very curious:  how is networking not an option?

However, a switchbox is not needed (and I wonder how that works; never seen one before).  As long as the SCSI cards can be set to different IDs (usually default to ID 7) then you can just chain from one SCSI card to the tape to the other SCSI card.  Terminate only the internal chain on each card.  Then just make sure to never try to use the device from both computers at the same time.

regards,
magarity
0
 
LVL 13

Expert Comment

by:magarity
Comment Utility
Well, here is a SCSI switch for two computers to share one device:

http://www.ramelectronics.net/apcon/2x1.htm

regards,
magarity
PS - I wondered why I hadn't seen them before; now I know why.
0
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
Magarity,
Expensive powered switch. You can find manual ones for
around $30-$50. You have to be careful with termination
and you can't use it like a KVM switch. Both computers can
not use it at the same time. It just makes it easier to
share a low use device between multiple systems. Saves you
from having to disconnect and reconnecting the device.
0
 
LVL 13

Expert Comment

by:magarity
Comment Utility
You don't need to disconnect it using the method I've described, you need one less SCSI cable, and no switchbox.
0
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
To use the daisy chain method we would have to know more
about the equipment being used. Types of SCSI Host cards.
If there are any external SCSI devices and what type of
SCSI devices. Also I have seen tape drives that have only
a SCSI in connector and are terminated. Designed to be the
last device on the chain. If you are chaining a SCSI 1 to
another SCSI 1 with only the tape in between, then there would be no problems.
0
 
LVL 13

Expert Comment

by:magarity
Comment Utility
The tape drive with only one SCSI connection would be the one showstopper for my idea.  We need to hear back from tomdromi about that one.

Otherwise, you don't need to know any more about the SCSI cards than would be needed to hook up the tape drive in the first place.  Well, you need to go into their setup and change the ID on one of them to something that isn't already taken, but that's it.

As for chaining between different types, that's no more problem than using a switch box between different types.

Well, either will work.  I just personally find manual switchboxes to be kludgy solutions.  Let's hear from the questioner.
0
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
If your running LVD or other highspeed devices the Host
card will drop to the lowest common denominator. So if
the tape is a SCSI 1 50 pin device it could hurt the performance of other devices. This is not a problem if the
SCSI 1 tape is only used part of the time. Then you have
various cable connections. ie 50 pin, 68 pin, 80 pin
Centronic adapters, HD pin adapters, SCA adapters.
So the overall system has to be considered.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 2

Expert Comment

by:highstar1
Comment Utility
Personally I wouldn't use a SCSI Switch box. I would use
other methods.
0
 
LVL 1

Author Comment

by:TomDromi
Comment Utility
Hello,

highstar1 and magarity - thanks for your comment.

1. I need this option to sync between 2 DBs - one on web server and the other on the main DB. because of security reasons I don't want (and forbidden by my boses) to connect between the two. so I need a way to be sure in 110% that hakers won't be able jump between the networks.
I need an hardware solution that make this network saparate.
is your controller-tape-controller is 110% network-saparation?

2. also, I need solution so the sync will be automatically with an interval (so menual switch isn't possible)

3. I prefer not to buy auto-switch in 1000$.

what do you think now?
Thanks, TomDromi
0
 
LVL 1

Author Comment

by:TomDromi
Comment Utility
Hello,

highstar1 and magarity - thanks for your comment.

1. I need this option to sync between 2 DBs - one on web server and the other on the main DB. because of security reasons I don't want (and forbidden by my boses) to connect between the two. so I need a way to be sure in 110% that hakers won't be able jump between the networks.
I need an hardware solution that make this network saparate.
is your controller-tape-controller is 110% network-saparation?

2. also, I need solution so the sync will be automatically with an interval (so menual switch isn't possible)

3. I prefer not to buy auto-switch in 1000$.

what do you think now?
Thanks, TomDromi
0
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
I deal alot with DoD security issues. I'll give your
situation some thought.
0
 
LVL 13

Accepted Solution

by:
magarity earned 100 total points
Comment Utility
OK, lengthy replies follow.  Please read CAREFULLY, because if you skim the word 'compromise' and panic then you haven't read it properly:

"1. is your controller-tape-controller is 110% network-saparation?"

Yes, it is 100% separated for run-time.  If machine 1 is compromised it can only write something to the tape.  There is no way to send operating system executable commands over the SCSI bus to machine 2.  

You would need to crack machine 2, read from the tape and then execute whatever you saved from previously cracked machine #1.  If you can crack machine 2 in the first place, saving something on the tape is a not the threat.  As long as machine #2 does not restore and execute an infected file that compromised machine #1 saved, you're all set.  This is NOT a fault of the shared SCSI setup.  You would have to watch out for this even if you manually carried the disconnected tape drive between the two machines.

<MOST IMPORTANT POINT>

This is so important I'll repeat it:

The ONLY potential for compromise is an infected file saved to tape by cracked machine #1 is restored on machine #2 and executed.  This requires the person doing the restore to machine #2 to be the responsible party, NOT the shared SCSI setup!  There is NO WAY for an intruder to execute anything on machine #2 without the help of an irresponsible tape-restorer.

</ most important point>

"2. also, I need solution so the sync will be automatically with an interval"

This is important because with two controllers they must not write to the tape at the same time.  With a SCSI hard drive this is possible, but a tape drive's linear nature makes two concurrent access problematic.  As long as you are careful to time the access so that one machine goes at a time, you're all set.

Just remember to set the SCSI IDs of all the devices on the chain, including the two controllers, to unique numbers.  Assuming:
1.  there is no other devices
2. the tape drive has two SCSI connectors or is not terminated
Then the layout would be:

termination of internal chain or card
     |
SCSI card in machine 1, ID#0
     |
tape drive, ID#1
     |
SCSI card in machine 2, ID#2
    |
termination of internal chain or card

Note the concerns from highstart about slowing down high speed LVD devices.  Since tape is fairly slow, consider dedicating a pair of cheaper basic SCSI cards to this setup rather than the server's RAID capable controller's external port.  Besides, you can't put a linear device like a tape on the same controller that is running a disk RAID.
0
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
Sounds like your budget is a big limiting factor here.
You could use your parallel, serial or USB ports to
do this as well. If your systems have high performance
SCSI hosts, I would buy two cheap SCSI 1 cards ($25) and
try magarity's plan. It might be the cheapest way to reach your goals. From a security point of view, there would be other choices. They would be more expensive to implement. Magarity's plan wouldn't fly in the secure environments that I work with.  I don't think the hackers have the resources to attack Magarity's setup.
0
 
LVL 2

Expert Comment

by:highstar1
Comment Utility
You will need some scheduling software to insure that the drive is not accessed by both systems at the same time.
0
 
LVL 1

Author Comment

by:TomDromi
Comment Utility
Hi,

highstar1, why "From a security point of view,
there would be other choices" ?
TomDromi
0
 
LVL 13

Expert Comment

by:magarity
Comment Utility
Because human error, or an inside operative, could load and execute on the 'inside' computer a malicious file saved to the tape by a cracker on the compromised 'outside' computer.  If you were so worried about this, you would find the budget to get another unit or better screen your employees with access to the 'inside' computer.  Government intelligence agencies (NRO, et al) and corporate research facilities (Watson Labs, et al) could justify this concern.
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Join & Write a Comment

In this article you will get to know about pros and cons of storage drives HDD, SSD and SSHD.
Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
This video discusses moving either the default database or any database to a new volume.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now