Solved

SAN - physical vs logical distinction of LUNs

Posted on 2013-06-14
4
303 Views
Last Modified: 2013-06-20
Let's say 10 organizations have their SAN storage in one central location. Their LUNs are all logically seperated out, but they are all part of the same physical SAN.

1)If the 10 entities are all maintaining their own private data collections, is there any vulnerability for the data? Is Logical seperation enough?

2)Would it be cost-prohibitive for each organization to have their own SAN physically distinct from the others.

Thanks.
0
Comment
Question by:25112
  • 2
4 Comments
 
LVL 120

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 333 total points
ID: 39248783
1. Yes, you would need very tight security controls, to prevent LUNs be accessible from other organisations.

2. Storage virtualisation is much cheaper, than all organisations having their own SAN.
0
 
LVL 5

Author Comment

by:25112
ID: 39249247
>>1. Yes, you would need very tight security controls, to prevent LUNs be accessible from other organisations.

what would be the standards for these tight security controls.. can you suggest any link i can read about this?

>>2. Storage virtualisation is much cheaper, than all organisations having their own SAN.
can you please give a money figure example (approximate) so i can understand what extent
0
 
LVL 120

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 333 total points
ID: 39249290
depends on the SAN, Fibre Channel or iSCSI.

If Fibre Channel it would be controlled by Zoning and HBA WWNN, if iSCSI it would be controlled by CHAP Secrets (a password to access the iSCSI LUN), and IQN/HBA node names.

see here
vSphere Storage Guide

£20-£25k per Single SAN approx 14TB RAW - e.g. Dell EqualLogic 4100
0
 
LVL 55

Accepted Solution

by:
andyalder earned 167 total points
ID: 39253193
Data security is covered by LUN masking so they can't access each others LUN. That doesn't do anything for performance though, if one of them runs IOmeter all day (or stressful SQL queries) performance for the other companies may suffer.
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
This video teaches viewers how to encrypt an external drive that requires a password to read and edit the drive. All tasks are done in Disk Utility. Plug in the external drive you wish to encrypt: Make sure all previous data on the drive has been …
This Micro Tutorial will teach you how to reformat your flash drive. Sometimes your flash drive may have issues carrying files so this will completely restore it to manufacturing settings. Make sure to backup all files before reformatting. This w…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question