CHAP for iscsi

I need your opinion on configuring CAHP authentication on iScSI. As far as I know it is tightening the security, but do we need it?. Client has VNX, Equallogic,NetApp. None of them are configured for CHAP authentication. Client is thinking of implementing that solution.
Experts out there might have configured CHAP authentication.  What the advantages and disadvantages of using it ?
LVL 2
sara2000Asked:
Who is Participating?
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
It's a one time configuration, at adding the passphrase when you setup the iSCSI software initiator.

Very simple, tick box, and the passphrase is hashed and stored.

So no issues, at server host restarts.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
It really comes down to your clients security and governance, and accessing the Risk of another iSCSi Client accessing data on these LUNs, and what other access and restrictions exist on these LUNs, e.g. access granted by IQN? is this a secure storage network? how can you obtain access to this LAN, where is the LAN etc

50% of our clients use it, 50% of our clients dont!
0
 
sara2000Author Commented:
Thanks Andrew,
How difficult is to administrator iscsi with CAHP in vmware esxi environment?
Is it one time configuration? Will it reconnect if Esxi reboot without administrator interference?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
do you require any more additional help to close this question?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.