Protecting Transmitted Data
A primary security risk in iSCSI SANs is that an attacker might sniff transmitted storage data. Neither the iSCSI adapter nor the ESXi host iSCSI initiator encrypts the data that it transmits to and from the targets, making the data vulnerable to sniffing attacks. You must therefore take additional measures to prevent attackers from easily seeing iSCSI data.
Allowing your virtual machines to share virtual switches and VLANs with your iSCSI configuration potentially exposes iSCSI traffic to misuse by a virtual machine attacker. To help ensure that intruders cannot listen to iSCSI transmissions, make sure that none of your virtual machines can see the iSCSI storage network.
Protect your system by giving the iSCSI SAN a dedicated virtual switch.
- If you use an independent hardware iSCSI adapter, make sure that the iSCSI adapter and the ESXi physical network adapter are not inadvertently connected outside the host. Such a connection might result from sharing a switch.
- If you use a dependent hardware or software iSCSI adapter, which uses ESXi networking, configure iSCSI storage through a different virtual switch than the one used by your virtual machines.
You can also configure your iSCSI SAN on its own VLAN to improve performance and security. Placing your iSCSI configuration on a separate VLAN ensures that no devices other than the iSCSI adapter can see transmissions within the iSCSI SAN. With a dedicated VLAN, network congestion from other sources cannot interfere with iSCSI traffic.
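The two isolation rules above (a dedicated virtual switch, and a dedicated VLAN) are easy to state and easy to drift away from as port groups get added over time. The following audit script is an added example, not VMware documentation or ESXi code: it parses a port-group table in the column layout of `esxcli network vswitch standard portgroup list` (the sample table here is constructed, not captured from a host) and reports every virtual-machine port group that shares either a virtual switch or a VLAN ID with the iSCSI VMkernel port group. The sets of iSCSI and VMkernel port-group names are assumed inputs; on a real host you would take them from `esxcli iscsi networkportal list` and `esxcli network ip interface list`.

```python
"""Audit an ESXi host's standard vSwitch layout for iSCSI isolation.

Added example. Flags VM port groups that share a vSwitch or VLAN with the
iSCSI port group, and an iSCSI port group that is untagged (VLAN 0).
"""
import re
from dataclasses import dataclass

# Constructed sample in the column layout of
# `esxcli network vswitch standard portgroup list`; not real host output.
PORTGROUP_LIST = """\
Name                Virtual Switch  Active Clients  VLAN ID
------------------  --------------  --------------  -------
Management Network  vSwitch0                     1        0
VM Network          vSwitch0                     3        0
iSCSI-A             vSwitch1                     1      100
App-Servers         vSwitch1                     2      100
Backup              vSwitch2                     1      100
"""

# Assumed inputs: which port groups back the software iSCSI initiator's
# VMkernel ports, and which port groups are VMkernel (not VM-facing) at all.
ISCSI_PORTGROUPS = {"iSCSI-A"}
VMKERNEL_PORTGROUPS = {"Management Network", "iSCSI-A"}


@dataclass(frozen=True)
class PortGroup:
    name: str
    vswitch: str
    vlan: int


def parse_portgroup_list(text):
    """Parse the esxcli-style table into PortGroup records.

    Columns are separated by two or more spaces, so names containing a
    single space ("Management Network") survive the split.
    """
    groups = []
    for line in text.splitlines()[2:]:  # skip header and separator rows
        if not line.strip():
            continue
        name, vswitch, _active_clients, vlan = re.split(r"\s{2,}", line.strip())
        groups.append(PortGroup(name, vswitch, int(vlan)))
    return groups


def find_isolation_violations(groups, iscsi_portgroups, vmkernel_portgroups):
    """Return (port group, reason) pairs that break iSCSI network isolation."""
    iscsi = [g for g in groups if g.name in iscsi_portgroups]
    iscsi_switches = {g.vswitch for g in iscsi}
    iscsi_vlans = {g.vlan for g in iscsi}
    findings = []

    # VLAN 0 means untagged: the iSCSI traffic is on the uplink's native
    # VLAN and gets no VLAN separation from anything else using that uplink.
    for g in iscsi:
        if g.vlan == 0:
            findings.append((g.name, "iSCSI port group is untagged (VLAN 0); no VLAN isolation"))

    for g in groups:
        if g.name in vmkernel_portgroups:
            continue  # VMkernel port groups do not expose traffic to VMs
        if g.vswitch in iscsi_switches:
            findings.append((g.name, f"VM port group shares vSwitch {g.vswitch} with iSCSI"))
        if g.vlan in iscsi_vlans:
            findings.append((g.name, f"VM port group shares VLAN {g.vlan} with iSCSI"))
    return findings


def audit_sample():
    """Run the audit over the constructed sample table."""
    groups = parse_portgroup_list(PORTGROUP_LIST)
    return find_isolation_violations(groups, ISCSI_PORTGROUPS, VMKERNEL_PORTGROUPS)


if __name__ == "__main__":
    for name, reason in audit_sample():
        print(f"{name}: {reason}")
```

In the constructed sample, `App-Servers` is flagged twice (same vSwitch and same VLAN as `iSCSI-A`) and `Backup` once (its own vSwitch, but VLAN 100 again, so a VM there still sits in the iSCSI broadcast domain); `VM Network` on `vSwitch0`/VLAN 0 is clean. The VLAN check is deliberately independent of the vSwitch check because the page's two recommendations address different exposure paths: a shared vSwitch exposes traffic inside the host, a shared VLAN exposes it on the physical network.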