This post is more than 5 years old
1 Rookie
•
8 Posts
0
2012
October 23rd, 2017 05:00
Unity support for iSCSI and IPSEC
Hi
Can we encrypt data in flight form the Unity to the hosts and vice versa when using iSCSI as protocol.
No Events found!
This post is more than 5 years old
1 Rookie
•
8 Posts
0
2012
October 23rd, 2017 05:00
Hi
Can we encrypt data in flight form the Unity to the hosts and vice versa when using iSCSI as protocol.
Top
Rainer_EMC
4 Operator
•
8.6K Posts
0
October 23rd, 2017 06:00
no
Heiko4444
1 Rookie
•
8 Posts
0
October 23rd, 2017 06:00
Thank you for your prompt feedback.
We need to implement network layer security to achieve this or is there a different Dell EMC way to encrypt iSCSI traffic from the Unity?
crklosterman
450 Posts
1
October 23rd, 2017 06:00
But keep in mind, it's iSCSI, it's block traffic over an IP network, not plain-text files as SMB. Although you may not encrypt it (do you encrypt your FC network?), most people will configure secure authentication using CHAP or some more advanced derivative. Because the hosts that access the iSCSI LUN must be masked and mapped in properly using storage groups and the IQN, and then layering on top of that the CHAP authentication, one might argue that it's perhaps a bit more secure than fiber-channel. (except that it's using an IP network, instead of dedicated FC network).
Anyway just some perspective.
~Chris
Rainer_EMC
4 Operator
•
8.6K Posts
0
October 23rd, 2017 06:00
you would have to do that on the network equipment - I am not aware of another way on Unity for ISCSI
only the built-in Data at Rest Encryption
For CIFS you could use SMB3 protocol encryption for in-flight