The data managed over a SAN is highly sensitive and must be controlled to properly ensure confidentiality, integrity, and availability. This is no different than other IT infrastructures. In fact, an enterprise can simply augment its current corporate security policy to include SAN-specific security items.

It's important to take proactive steps in securing your SAN to prevent misuse or abuse. Your comprehensive security policy should include:

Zoning: Zoning allows you to automatically or dynamically arrange fabric-connected devices into logical groups (zones) across the physical configuration of the fabric. These zones can include selected storage, servers, and workstations within a fabric. Information access is restricted to only the 'member' devices in the defined zone.

Although zone members can access only other members in their zones, individual devices can be members of more than one zone. This approach enables the secure sharing of your storage resources, a primary benefit of storage networks. In addition to improving security, zoning can also help you simplify management of heterogeneous fabrics, maximize storage resources, and segregate storage traffic.

Secure fabric operating systems: A secure fabric OS is zoning's feature. Secure fabric operating systems run on SAN infrastructures, and offer policy-based security. These policies allow you to customize security uniquely to your needs. Secure fabric operating systems help block unauthorized fabric-wide management changes and fabric setting changes, help control server-to-fabric connections, prevent users from arbitrarily adding switches to a fabric, and protect communication between switches and management consoles.