SAN

SAN is an abbreviation of the Storage Area Network. Storage Area Network is a

dedicated, specialized, and high-speed network which provides block-level data
storage. It delivers the shared pool of storage devices to more than one server.

The main aim of SAN is to transfer the data between the server and storage device. It
also allows for transferring the data between the storage systems.

Storage Area networks are mainly used for accessing storage devices such as tape
libraries and disk-based devices from the servers.

It is a dedicated network which is not accessible through the LAN. It consists of hosts,
switches, and storage devices which are interconnected using the topologies,
protocols, and technologies. It is a specialized high‐speed network of storage devices
and FC (Fibre Channel) switches connected to Host or Server via Fibre optic cables.

Host uses the storage from storage arrays as if its local to Host. As the data
communication happens via fibre optics the data speed is high in comparison to NAS
(Network Attached Storage) storage.
Components Of SAN Storage
SAN Components can be divided into 3 layers. Host, Fabric and Storage Layer. These
three layers connect to each other and form a Storage Area Network Each layer has its
own functions.

Below is a very simple architecture diagram of a Storage Area Network.

The basic architecture of SAN storage

Host Layer
The host layer of SAN Storage has servers or hosts. Hosts are basically hardware having
its own resources like CPU, Memory, Disk storage and an Operating system running
on it.

Along with these, it has also dual HBA card (Host Bus Adapter) which connects to the
Fabric Layer of SAN Network.
Fabric Layer
The fabric consists of one or more FC SAN switches. SAN Switch provides connections
between devices in SAN architecture. All Host and storage array connects to the same
FC switch. Thus, it acts as a mediator between Host and Storage.

Typical SAN network has two fabrics for high redundancy. If one Fabric goes down
then other fabric takes care of the data flows in the storage area network.

Storage Layer
In this layer, storage arrays are the important hardware where data resides in physical
disks. Storage Array consist of physical disk. A logical grouping of the physical disk is
called the RAID (Redundant Arrays of Independent Disks) group. A storage admin
assigns a RAID type that protects the data in case of disk failure.

These RAID helps in data recovery whenever a disk failure occurs. There various types
of RAID types. A storage admin has to use different types of RAID types as per
requirement. The most common RAID types are RAID 5 and RAID 6.

Most of the storage arrays have Dual Storage Processors (SPs) which are the front end
of the storage array. This SP has a front-end IO module that has FC ports. These FC
ports connect to SAN switch via FC cables.

Below is an architecture diagram of a typical Storage Area Network that has all
hardware components with redundancy.
 Redundant SAN Architecture

How SAN Storage Works?

When a host from a host layer wants to access a storage device, it sends out a block‐
based access request for the storage device. SCSI commands are encapsulated into FC
packets. Then the Host HBA transmits the FC request to the Storage layer via Fabric.

From the Fabric layer, SAN Switch then sends this request to the Array. In Storage
Array, SP receives the request, processes it and then sends an acknowledgment back
to the host through the same path.
Protocols of SAN
Following are the most common protocols of SAN (Storage Area Network):

o FCP (Fibre Channel Protocol)

o iSCSI
o FCoE
o NVMe

FCP (Fibre Channel Protocol)

It is the most commonly used protocol of the Storage Area Network. It is a mapping
of SCSI command over the Fibre Channel (FC) network.

ISCSI
It stands for Internet SCSI or Internet Small Computer System Interface. It is the
second-largest block or SAN protocol. It puts the SCSI commands inside an ethernet
frame and then transports them over an Internet protocol (IP) ethernet.

FCoE
FCoE stands for "Fibre Channel Over Internet". It is a protocol which is similar to the
iSCSI. It puts the Fibre channel inside the ethernet datagram and then transports over
an IP Ethernet network.

NVMe
NVMe stands for Non-Volatile Memory Express. It is also a protocol of SAN, which
access the flash storage by the PCI Express bus.

Difference between DAS and NAS

1. Directly Attached Storage (DAS) :

The storage device which is permanently attached to a desktop computer. DAS
is for a single user (Hard drive attached to a computer). DAS is well suited for a
small-to-medium sized business where sufficient amounts of storage can be
configured at a low startup cost. The DAS enclosure will be a separate adjacent
cabinet that contains the additional disk drives.
Component of Directly Attached Storage (DAS) –
• Storage devices
• Cables
• Disk Array
• Protocol
• Storage protocols: ATA, SCSI, SAS, SASA, FC

2. Network Attached Storage (NAS) :

This Storage Device is attached on the Local Area Network and used for sharing
of data among different users attached to the Local Area Network. Instead of
accessing data at the sector level, users can access information on file level and
using byte offset over the network. This NAS system is having its own file system,
which is once set with proper configuration of NAS and is not dependent upon
the operating system of computers from which it is connected. This type of
network requires a medium for attaching with several computers. File sharing
protocols like NFS, AFP, or CIFS provide access to files in a network.

Components of Network Attached Storage (NAS) –

1. Head unit: CPU, Memory
2. Network Interface Card (NIC)
3. Optimized operating system
4. Protocols
5. Storage protocols: ATA, SCSI, FC

Difference between DAS and NAS:

SR.NO DAS NAS

DAS stands for Direct Attached NAS stands for Network

1. Storage. Attached Storage.

For backups and recovery, For backups and recovery,

2. Sectors are used. Files are used.

3. It is easy to install. It is moderate to install.

NAS is more complex than

4. DAS is not complex. DAS.
 SR.NO DAS NAS

It is more expensive than

5. It is less expensive. DAS.

For data transmission, IDE/SCSI For data transmission,

6. is used. TCP/IP, Ethernet is used.

Its capacity in bytes is 10^9

7. Its capacity in bytes is 10^9. to 10^12.

It does not allow to share files It allows to share files at

8. at different operating system. different operating system.

Difference between Storage Area Network (SAN) and Network

Attached Storage (NAS)

Storage Area Network (SAN) is used for transferring the data between the servers
and the storage devices’ fibre channels and switches. In SAN (Storage Area
Network), data is identified by disk block. Protocols that are used in SAN are SCSI
(Small Computer System Interface), SATA (Serial Advanced Technology
Attachment), etc.
Components of Storage Area Network (SAN):
1. Node ports
2. Cables
3. Interconnect devices such as Hubs, switches, directors
4. Storage arrays
5. SAN management Software

Network Attached Storage (NAS), data is identified by file name as well as byte
offset. In-Network Attached Storage, the file system is managed by Head units such
as CPU and Memory. In this for backup and recovery, files are used instead of the
block-by-block copying technique.

Components of Network Attached Storage (NAS):

1. Head unit: CPU, Memory
2. Network Interface Card (NIC)
3. Optimized operating system
 4. Protocols
5. Storage protocols: ATA (Advanced Technology Attachment), SCSI, FC
(Fibre Channel)

The difference between Storage Area Network (SAN) and Network Attached
Storage (NAS) are as follows:

SAN NAS

SAN stands for Storage Area NAS stands for Network Attached
Network. Storage.

In NAS (Network Attached Storage),

In SAN (Storage Area Network), data data is identified by file name as well
is identified by disk block. as byte offset.

In SAN (Storage Area Network), the In NAS (Network Attached Storage),

file system is managed by servers. file system is managed by Head unit.

SAN (Storage Area Network) is more NAS (Network Attached Storage) is less
costly. expensive than SAN.

SAN (Storage Area Network) is more NAS (Network Attached Storage) is less
complex than NAS. complex than SAN.

Protocols used in NAS are: File server,

Protocols used in SAN are: CIFS (Common Internet File System),
SCSI, SATA, etc. etc.

For backups and recovery in SAN,

Block by block copying technique is For backups and recovery in NAS, Files
used. are used.

While NAS is not suitable for that

SAN gives high performance in environment which has high speed
high-speed traffic systems. traffic.

NAS is easy to manage and provides a

SAN needs more time and efforts in simple interface for organizing and
organizing and controlling. controlling.
 SAN NAS

SAN does not depend on the LAN

and uses a high-speed fibre channel NAS needs TCP/IP networks and
network. depends on the LAN.

Mostly used in enterprise Applications include small-sized

environments. organizations high-speed and homes.

Compared to SAN, NAS has higher

It has lower latency. latency.

SAN supports virtualization. NAS does not support virtualization.

The working of SAN is not affected The working of NAS is affected by

by network traffic bottlenecks. network traffic bottlenecks.

Advantages of SAN
Following are the advantages or benefits of a Storage Area Network (SAN):

o It is more scalable.
o Security is also a main advantage of SAN. If users want to secure their data,
then SAN is a good option to use. Users can easily implement various
security measures on SAN.
o Storage devices can be easily added or removed from the network. If users
need more storage, then they simply add the devices.
o The cost of this storage network is low as compared to others.
o Another big advantage of using the SAN (Storage Area Network) is better disk
utilization.
Storage Virtualization

Storage virtualization is the pooling of physical storage from multiple storage devices
into what appears to be a single storage device -- or pool of available storage capacity
-- that is managed from a central console. The technology relies on software to identify
available storage capacity from physical devices and to then aggregate that capacity
as a pool of storage that can be used by traditional architecture servers or in a virtual
environment by virtual machines (VMs).

The virtual storage software intercepts input/output (I/O) requests from physical or
virtual machines and sends those requests to the appropriate physical location of the
storage devices that are part of the overall pool of storage in the virtualized
environment. To the user, the various storage resources that make up the pool are
unseen, so the virtual storage appears like a single physical drive that can accept
standard reads and writes.
Types of Storage Virtualization

Host-Based Storage Virtualization

Host-based virtualization is usually in the form of a logical volume manager on a host

that aggregates and abstracts volumes into virtual volumes called logical volumes.
Volume managers also provide advanced storage features such as snapshots and
replication, but they are limited in scalability, as they are tied to a single host. Most
companies don’t consider host-based storage virtualization as a true form of
storage virtualization.

Network-Based (SAN-Based) Storage Virtualization

Network-Based storage virtualization is virtualizing storage at the SAN switch level

which is a very complex type of storage virtualization and also rarely used by
companies. At the network layer, it requires intelligent network switches, or SAN-based
appliances, that perform virtualization of storage arrays.

Controller-Based Storage Virtualization

This is by far the most common form of storage virtualization and consists of an
intelligent storage controllers that can virtualize the storage disks. The SNIA (Storage
Networking Industry Association) categorizes controller-based storage virtualization
as either in-band or out-of-band.

In In-band virtualization, the technology performing the virtualization sits directly

in the data path. This means that all I/O of user data and control data passes through
the technology performing the virtualization. Whereas Out-of-band virtualization
which is also known as asymmetric has the meta data pass through a virtualization
device or appliance and usually require special HBA drivers and agent software
deployed on the host. It is less popular than In-band virtualization.
Benefits of Storage Virtualization

• Data is stored in a very convenient location. This is because if the host failure
data don't get compromised necessarily.
• By using storage level abstraction, it becomes flexible how storage is
provided, protected, partitioned and used.
• Storage Devices are capable of performing advanced functions such as
disaster recovery, duplication, replication of data & re-duplication of data
Storage Area Network Security (SAN Security)
Storage area network (SAN) security refers to the collective measures, processes, tools
and technologies that enable the securing of a SAN infrastructure.

It is a broad process that ensures that the SAN infrastructure operates securely and is
protected from any vulnerabilities.

SAN security generally requires first analysing the underlying SAN infrastructure for
possible loopholes and/or vulnerabilities.

Some of the techniques used for securing a SAN infrastructure include:

• Encrypting data at rest when stored on a SAN infrastructure or storage drives

• Isolating users/departments/organizations using a virtual SAN
• Securing network and communication interfaces
• Implementing an Access Control List (ACL) and digital certificates within the
switch to ensure only authenticated switches join a SAN fabric
• Removing and resolving single points of failure
• Mitigating network-based vulnerabilities such as Simple Network Management
Protocol (SNMP), which is vulnerable to Denial of Service (DoS) attack

SAN security may also involve creating and implementing a SAN backup and recovery
plan to ensure it stays operational even after an attack or threatening incident.