Home > Articles > Networking > Storage

21st Century Oxymorons: Jumbo Shrimp and Fibre Channel SAN

  • Print
  • + Share This
This article focuses on Fibre Channel-based SAN security. Like so many terms in the networking industry, "Storage Area Network" (SAN) boasts a bevy of definitions. Whatever form of SAN you construct must be secure enough to avoid the risk of losing or compromising critical data.
This chapter is from the book

In the last chapter, we looked at the marketecture around networked storage generally—and the Fibre Channel SAN, in particular. SANs originated as a conceptual topology for storage that provided network-based interconnections between servers and an intelligent storage infrastructure, sometimes called a "storage pool" or "storage utility."

Such a SAN was heterogeneous in nature, allowing for the any-to-any interconnection of servers with different operating systems to storage platforms from different vendors. The SAN was also intelligent, capable of recognizing the needs of applications requesting storage services and automatically provisioning applications with whatever storage services that they required. The enhanced manageability of a SAN gave it tremendous integrity as a highly available repository for mission critical data storage. And, SAN security would be more than sufficient to offset the increased risk that unavoidably accompanies increased accessibility.

Figures 3-1 and 3-2 depict the "Holy Grail" SAN as described in Enterprise Network Storage Architecture (ENSA) documentation from Compaq Computers and related writings of the late 1990s.

03fig01.jpgFigure 3-1. The Holy Grail SAN: Heterogeneous storage and server equipment with any-to-any network-based connectivity.




03fig02.gifFigure 3-2. The Holy Grail SAN: A virtual storage resource pool.

The ENSA SAN concept was truly visionary and captured the attention of storage technology producers and consumers. If it came to fruition, the SAN would establish data storage as its own infrastructure—creating a new service tier in the hierarchy of contemporary n-tier client/server computing. It could conceivably make storage infrastructure the solid, well-anchored foundation upon which networks, servers, and applications resided.

In the late 1990s, vendors and pundits alike said that the SAN was an intuitively obvious "next step" in computing. Storage was getting cheaper, with disk prices declining by as much as 50 percent per year. At the same time, however, the volume of data being stored was increasing—by more than 100 percent per year in some companies. That meant more and more storage needed to be fielded, and a lot of storage—like a lot of anything—carried with it a big price tag, both in terms of acquisition and deployment costs and labor expense.

SANS AND CAPACITY ALLOCATION EFFICIENCY

Early on, many advocates of the technology dismissed the huge acquisition and deployment costs of Fibre Channel (FC) SANs as inconsequential—especially when they were weighed against the enormous efficiencies derived from the networked storage topology. Vendors argued that an FC SAN would more than pay for itself by enabling improved capacity allocation efficiency and improved manageability.

The improved manageability of storage gathered into a FC SAN remains a myth that will be explored in greater detail later. The prospect of improved capacity allocation efficiency, however, had a strong appeal to most IT managers. To understand why, one only has to peek into any IT shop in which storage is directly attached to servers.

In virtually every IT shop, some servers have direct attached storage that tends to run out of disk space fairly often. When this happens, a "Disk Full Error" message is typically generated by the server operating system and returned to the application and/or end-user. The server administrator, who is typically responsible for performing all of the storage management and allocation in a distributed client/server setting, gets an earful from a disgruntled end-user, then spends an inordinate amount of time trying to rectify the problem by offloading files to free up space or adding more disk drives into the cabinet of the attached disk array.

Meanwhile, another server, usually located within a stone's throw of the problem server, goes merrily along about its business day in and day out without ever using more than 30 percent of its storage capacity (see Figure 3-3). The server admin looks longingly at the well-behaved server and array and wonders why there is no way to share the excess capacity on the good server's direct attached storage platform with the direct attached storage platform on the bad server, which is always running out of room.

03fig03.jpgFigure 3-3. Capacity allocation inefficiency in server attached storage.


Contained in that notion was a description of capacity allocation efficiency: the stuff, to paraphrase the Bard, that early FC SAN dreams were made of. To a one, FC SAN vendors promised that deploying a SAN would provide organizations with the ability to allocate storage capacity more efficiently across applications. Just "network" the storage into an FC SAN and any available capacity on any storage platform could be harnessed to create dynamically scalable "virtual volumes." Applications and end-users, and especially server administrators, would never see a "Disk Full Error" message again (see Figure 3-4).

03fig04.jpgFigure 3-4. Capacity allocation efficiency with virtual san-based volumes.


From this value proposition of volume virtualization derived several others. For one, vendors claimed that enabling greater capacity allocation efficiency with FC SANs would save customers money. FC SANs would actually pay for themselves by enabling older storage platforms to be kept in service for a longer period of time, deferring the need for new equipment purchases.

Additionally, since networked virtual volumes could scale readily, simply by adding more available capacity to an existing virtual volume as needed by the application, FC SANs would also eliminate the costly downtime brought about by the need to rectify disk space problems. This was, depending on the environment, another potentially huge cost savings of FC SANs—especially with estimates of downtime costs that averaged over $1 million per hour across all U.S. industries based on idle labor considerations alone. (See Figure 3-5.)

03fig05.gifFigure 3-5. Downtime costs as a function of idle labor. (Source: Performance Engineering & Measurement Strategies: Quantifying Performance Loss, META Group, Inc., Stamford, CT. October 2000. Copyright © META Group, Inc. All rights reserved. Used with permission.)


In the final analysis, the promise of capacity allocation efficiency made a compelling case for FC SANs. Unfortunately, it was not a valid one. The reason had to do with the nature of FC SANs themselves and with approaches advanced by the industry to create a virtual storage pool from devices interconnected in a FC fabric.

  • + Share This
  • 🔖 Save To Your Account