1) SERVER Server is a computer program running to serve the requests of the clients A host has three key physical

components: Central processing unit (CPU), Storage (such as internal memory and disk devices) and nput!"utput ( !") devices !" devices ena#le sending and receiving data to and from a host$ Communication #et%een various devices takes place in the follo%ing %ay: User to host communications: &andled #y #asic !" devices, such as the key#oard, mouse, and 'onitor$ (hese devices ena#le users to enter data and vie% the results of operations$ Host to host communications: )na#led using devices such as a *et%ork nterface Card (* C) or modem$ Host to storage device communications: &andled #y a &ost +us Adaptor (&+A) &+A is an Application,specific integrated circuit (AS C) #oard that performs !" interface functions #et%een the host and the storage, relieving the CPU from additional !" processing %orkload$ &+As also provide connectivity outlets kno%n as ports to connect the host to the storage device$ A host may have multiple &+As$ -ollo%ing are the logical components of a host: Application , nterface #et%een user and the host Operating system , .esides #et%een the applications and the hard%are File system , -ile is a collection of related records or data stored as a unit , -ile system is hierarchical structure of files Volume manager , A /olume 0roup is created #y grouping together one or more Physical /olumes$ evice drivers , )na#les operating system to recogni1e the device Types of servers n a general net%ork environment the follo%ing types of servers may #e found$ Application server, a server dedicated to running certain soft%are applications Catalog server, a central search point for information across a distri#uted net%ork Communications server, carrier,grade computing platform for communications net%orks 2ata#ase server, provides data#ase services to other computer programs or computers -a3 server, provides fa3 services for clients -ile server, provides file services 0ame server, a server that video game clients connect to in order to play online together &ome server, a server for the home *ame server or 2*S server Print server, provides printer services

Pro3y server, acts as an intermediary for requests from clients seeking resources from other servers Sound server, provides multimedia #roadcasting, streaming$ Standalone server, an emulator for client4server (%e#,#ased) programs 5e# server, a server that &((P clients connect to in order to send commands and receive responses along %ith data contents Almost the entire structure of the nternet is #ased upon a client4server model$ &igh, level root name servers, 2*S servers, and routers direct the traffic on the internet$ (here are millions of servers connected to the nternet, running continuously throughout the %orld$ 5orld 5ide 5e# 2omain *ame System ),mail -(P file transfer Chat and instant messaging /oice communication Streaming audio and video "nline gaming 2ata#ase servers /irtually every action taken #y an ordinary nternet user requires one or more interactions %ith one or more servers$ (here are also technologies that operate on an inter,server level$ "ther services do not use dedicated servers6 for e3ample peer,to,peer file sharing, some implementations of telephony (e$g$ Skype), and supplying television programs to several users (e$g$ 7ontiki, Sling+o3)$

!) "#$ES OF HAR %S&'S R%VES A( S+S%, SA"A, $A"A, SAS, %S+S%-

"HERE FEA"URES ) * $+%, % E, A"A,

$+%: *peripheral +omponent %nterconnect- 4 provides the interconnection #et%een the CPU and attached devices such as mouse, printer, key#oard, etc$ % E: *%ntegrated evice Electronics- 4 (he term Integrated Drive Electronics refers not 8ust to the connector and interface definition, #ut also to the fact that the drive controller is integrated into the drive, as opposed to a separate controller on or connected to the mother#oard$ A"A: *Advanced "echnology Attachment- 4 A(A, is an interface standard for the connection of storage devices such as hard disks, solid,state drives, floppy drives, and optical disc drives in computers$ S+S%: *Small +omputer System %nter.ace- 4 is a set of standards for physically connecting and transferring data #et%een computers and peripheral devices$ $A"A: *$arallel Advanced "echnology Attachment- 4 Parallel A(A (PA(A), originally A(A, is an interface standard for the connection of storage devices such as hard disks, solid,state drives, floppy drives, and optical disc drives in computers SA"A: *Serial Advanced "echnology Attachment- 4 is a computer #us interface for connecting host #us adapters to mass storage devices such as hard disk drives and

optical drives$ Serial A(A %as designed to replace the older A(A (A( Attachment) standard (also kno%n as ) 2)), offering several advantages over the older parallel A(A (PA(A) interface: SAS: *Serial Attached Small +omputer System %nter.ace- 4 is a computer #us used to move data to and from computer storage devices such as hard drives and tape drives$ %S+S%: *%nternet Small +omputer System %nter.ace- 4 P #ased protocol used to connect host and storage /agnetic "ape 4 9o% cost solution for long term data storage 4 9imitations Sequential data access, Single application access at a time, Physical %ear and tear and Storage!retrieval overheads Optical is0s 4 Popularly used as distri#ution medium in small, single,user computing environments 4 5rite once and read many (5".'): C2,."', 2/2,."' 4 9imited in capacity and speed is0 rive 4 'ost popular storage medium %ith large storage capacity 4 .andom read!%rite access deal for performance intensive online application 1) RA% "echnology

RA% : .edundant Array of ne3pensive 2isks is a technology that provides increased storage functions and relia#ility through redundancy$ RA% 2evels : Striped array %ith no fault tolerance ; 2isk mirroring *ested .A 2 (i$e$, ; < :, : < ;, etc$) = Parallel access array %ith dedicated parity disk > Striped array %ith independent disks and a dedicated parity disk ? Striped array %ith independent disks and distri#uted parity @ Striped array %ith independent disks and dual distri#uted parity RA% 3: 2ata striping %ithout redundancy (no protection) /inimum num4er o. drives: A Strengths: &ighest performance$ 5ea0nesses: *o data protection6 "ne drive fails, all data is lost$

R%VE 1 !

R%VE

2ata A 2ata + 2ata C 2ata 2 2ata ) 2ata RA% 1: 2isk mirroring /inimum num4er o. drives: A Strengths: /ery high performance6 /ery high data protection6 /ery minimal penalty on %rite performance$ 5ea0nesses: &igh redundancy cost overhead6 #ecause all data is duplicated, t%ice the storage capacity is required$ uple6ing Host R%VE ! 2ata A 2ata + 2ata C /irrored ata Standard Host Adapter 1 R%VE 1 2ata A 2ata + 2ata C Original ata Standard Host Adapter ! R%VE ! 2ata A 2ata + 2ata C /irrored ata

/irroring Standard Adapter R%VE 1 2ata A 2ata + 2ata C Original ata

RA%

!: *o practical use /inimum num4er o. drives: *ot used in 9A* Strengths: Previously used for .A' error environments correction (kno%n as &amming Code) and in disk drives #efore he use of em#edded error correction$ 5ea0nesses: *o practical use6 same performance can #e achieved #y .A 2 = at lo%er cost$

RA%

1: +yte,level data striping %ith dedicated parity drive /inimum num4er o. drives: = Strengths: )3cellent performance for large, sequential data requests$ 5ea0nesses: *ot %ell,suited for transaction,oriented net%ork applications6 Single parity drive does not support multiple, simultaneous read and %rite requests$ 7: +lock,level data striping %ith dedicated parity drive

RA%

/inimum num4er o. drives: = (*ot %idely used) Strengths: 2ata striping supports multiple simultaneous read requests$ 5ea0nesses: 5rite requests suffer from same single parity,drive #ottleneck as .A 2 =6 .A 2 ? offers equal data protection and #etter performance at same cost$

RA%

8: +lock,level data striping %ith distri#uted parity /inimum num4er o. drives: = Strengths: +est cost!performance for transaction,oriented net%orks6 /ery high performance, very high data protection6 Supports multiple simultaneous reads and %rites6 can also #e optimi1ed for large, sequential requests$ 5ea0nesses: 5rite performance is slo%er than .A 2 : or .A 2 ;$ R%VE ! 1 R%VE

R%VE 1 Parity A 2ata +

2ata A 2ata A Parity + 2ata + Parity C

2ata C 2ata C

RA% 31 93:1) and RA% 13 91:3): Com#ination of .A 2 : (data striping) and .A 2 ; (mirroring)$ .A 2 :; (:<;) is a mirrored configuration of t%o striped sets (mirror of stripes)6 .A 2 ;: (;<:) is a stripe across a num#er of mirrored sets (stripe of mirrors)$ .A 2 ;: provides #etter fault tolerance and re#uilds performance than .A 2 :;$ +oth array types provide very good to e3cellent overall performance #y com#ining the speed of .A 2 : %ith the redundancy of .A 2 ; %ithout requiring parity calculations$ /inimum num4er o. drives: > Strengths: &ighest performance, highest data protection (can tolerate multiple drive failures)$ 5ea0nesses: &igh redundancy cost overhead6 #ecause all data is duplicated, t%ice the storage capacity is required6 requires minimum of four drives$ RA% 31 93:1 mirror o. stripes) R%VE ! 2ata A 2ata + 2ata C Original ata R%VE 1 mA m+ mC /irrored ata R%VE 7 mA m+ mC /irrored ata

R%VE 1 2ata A 2ata + 2ata C Original ata

RA%

13 91:3 stripe o. mirrors) R%VE ! mA mC m) /irrored ata R%VE 1 2ata + 2ata 2 2ata Original ata R%VE 7 m+ m2 m/irrored ata

R%VE 1 2ata A 2ata C 2ata ) Original ata

7) (E"5OR& +O(+E$"S ) * 2A(, 5A( (E"5OR&: A computer net;or0, often simply referred to as a net%ork, is a collection of hard%are components and computers interconnected #y communications channels that allo% sharing of resources and information 2A(: A local area net;or0 (9A*) is a computer net%ork that interconnects computers in a limited area such as home, school, computer la#oratory or office #uilding$ 5A(: A ;ide area net;or0 (5A*) is a telecommunication net%ork that covers a #road area (i$e$, any net%ork that links across metropolitan, regional, or national #oundaries)$ +usiness and government entities utili1e 5A*s to relay data among employees, clients, #uyers, and suppliers from various geographical locations$ <A(: A glo4al area net;or0 (0A*) is a net%ork used for supporting mo#ile communications across an ar#itrary num#er of %ireless 9A*s, satellite coverage areas, etc$ A net;or0 topology is the layout of the interconnections of the nodes of a computer net%ork$ Common layouts are: A 4us net;or0: all nodes are connected to a common medium along this medium$ (his %as the layout used in the original )thernet, called ;:+AS)? and ;:+AS)A$ A star net;or0: all nodes are connected to a special central node$ (his is the typical layout found in a 5ireless 9A*, %here each %ireless client connects to the central 5ireless access point$ A ring net;or0: each node is connected to its left and right neigh#or node, such that all nodes are connected and that each node can reach each other node #y traversing nodes left, or right%ards$ (he -i#er 2istri#uted 2ata nterface (-22 ) made use of such a topology$ A mesh net;or0: each node is connected to an ar#itrary num#er of neigh#ors in such a %ay that there is at least one traversal from any node to any other$

8) S5%"+HES S%itches are the foundation for high,performance connectivity in storage, P, and converged net%ork environments, these highly relia#le, scala#le, and availa#le s%itches are designed for a %ide range of environmentsBena#ling a lo% (C" and fast ." $ 'a8or manufacturers of -i#re Channel s%itches are: A((", +rocade, Cisco, 'c2ata and C9ogic$ A""O (echnology: o S%itches: D=:D, D=;@ and D=A> =rocade: o S%itches: @?;:, ?=:: (D: ports), ?;::(>: ports), ?:::, >E::, A>::, AD::, =D::, =E::, >;::, =::(A> ports), A::) o 2irectors: ;A:::, A>:::, >D:::, 2CF +ack#one and 2CF D?;: o 'ore complete list in +rocade Communications Systems article$ +isco: o S%itches: Cisco '2S E:;@, E:A:, E:=A, E;;A, E;A:, E;A>, E;A>e, E;=>, E;>:, E;>D, EA;@, EA;@i, EAAAi, E=:A, E=:>, E=:D o 2irectors: Cisco '2S E?:@, E?:E, E?;=, E?=:, E?@: /c ata (no% acquired and re#randed #y +rocade): o S%itches: =A=A o 2irectors: @:@>, @;>:, ;:::: >2ogic: o S%itches: SA*#o3 ?D::, ?@::, ?A::, =:?:, ;>:: o 2irectors ! 'odular Chassis S%itches: SA*#o3 E::: =rocade So.t;are (he +rocade product portfolio also includes net%ork management applications$ SA* 'anagement Soft%are o 2ata Center -a#ric 'anager (2C-') o )nterprise -a#ric Connectivity 'anager ()-C') (from 'c2A(A) o -a#ric 'anager o &ost Connectivity 'anager (&C') o SA* &ealth SA* Application 'odules o 2ata 'igration 'anager (2'') P *et%ork 'anagement Soft%are o ron /ie% *et%ork 'anager ( *') +isco So.t;are nternet%ork "perating System ( "S) *F,"S "S,F. Cisco Active *et%ork A#straction

Cisco -a#ric 'anager Cisco AnyConnect Secure 'o#ility Client Cisco Systems /P* Client Cisco /ie% 2ata Center 'anagement and Automation 4 Cisco ntelligent Automation Cisco (idal )nterprise Scheduler Cisco 5orks *et%ork 'anagement soft%are Clean Access Agent, Cisco *AC Appliance Cisco )os Packet (racer, didactic net%ork simulator Cisco *et%ork 'agic Pro Cisco Unified Communications 'anager Cisco P Communicator Cisco Cuad Cisco Security 'anager 5e#)3 Colla#oration (ools

?) F%=RE +HA((E2S )* 2A#ERS, "O$O2O<%ES, $OR"S Fi4re +hannel, or F+, is a giga#it,speed net%ork technology primarily used for storage net%orking (here are three ma8or -i#re Channel topologies ;$ $oint@to@$oint (FC-P2P)$ (%o devices are connected directly to each other$ (his is the simplest topology, %ith limited connectivity$ G;H A$ Ar4itrated loop (FC-AL)$ n this design, all devices are in a loop or ring, similar to token ring net%orking$ Adding or removing a device from the loop causes all activity on the loop to #e interrupted$ (he failure of one device causes a #reak in the ring$ -i#re Channel hu#s e3ist to connect multiple devices together and may #ypass failed ports$ A loop may also #e made #y ca#ling each port to the ne3t in a ring$ o A minimal loop containing only t%o ports, %hile appearing to #e similar to -C,PAP, differs considera#ly in terms of the protocol$ o "nly one pair of ports can communicate concurrently on a loop$ o 'a3imum speed of D0-C$ =$ S;itched .a4ric (FC-SW)$ All devices or loops of devices are connected to -i#re Channel s%itches, similar conceptually to modern )thernet implementations$ Advantages of this topology over -C,PAP or -C,A9 include: (he s%itches manage the state of the fa#ric, providing optimi1ed interconnections$ (he traffic #et%een t%o ports flo%s through the s%itches only, it is not transmitted to any other port$ -ailure of a port is isolated and should not affect operation of other ports$ 'ultiple pairs of ports may communicate simultaneously in a fa#ric

F+ 2ayers: F+7 B $rotocol /apping layer, in %hich application protocols, such as SCS or P, are encapsulated into a P2U for delivery to -CA6 F+1 B +ommon Services layer, a thin layer that could eventually implement functions like encryption or .A 2 redundancy algorithms6 F+! B (et;or0 layer, defined #y the F+@$%@! standard, consists of the core of -i#re Channel, and defines the main protocols6 F+1 B ata 2in0 layer, %hich implements line coding of signals6 F+3 B $hysical 2ayer, includes ca#ling, connectors etc$6 (he follo%ing types of ports are defined #y -i#re Channel: (ode ports (Aport is a port on the node (e$g$ host or storage device) used %ith #oth -C, PAP or -C,S5 topologies$ Also kno%n as (ode port$ (2Aport is a port on the node used %ith an -C,A9 topology$ Also kno%n as (ode 2oop port$ FAport is a port on the s%itch that connects to a node point,to,point (i$e$ connects to an *Iport)$ Also kno%n as Fa4ric port$ An -Iport is not loop capa#le$ F2Aport is a port on the s%itch that connects to a -C,A9 loop (i$e$ to *9Iports)$ Also kno%n as Fa4ric 2oop port$ EAport is the connection #et%een t%o fi#re channel s%itches$ Also kno%n as an E6pansion port$ 5hen )Iports #et%een t%o s%itches form a link, that link is referred to as an inter,s%itch link (%S2)$ EBAport is the connection #et%een a fi#re channel router and a fi#re channel s%itch$ "n the side of the s%itch it looks like a normal )Iport, #ut on the side of the router it is a )FIport$ "EAport C a Cisco addition to -i#re Channel, no% adopted as a standard$ t is an e3tended S9 or E%S2$ (he ()Iport provides not only standard )Iport functions #ut allo%s for routing of multiple /SA*s (/irtual SA*s)$ (his is accomplished #y modifying the standard -i#re Channel frame (vsan tagging) upon ingress!egress of the /SA* environment$ Also kno%n as "run0ing EAport$ VEA$ort an *C (S (;; addition, -C P interconnected ),Port! S9, i$e$ fa#rics %ill merge$ VEBA$ort a *C (S (;; addition, is a -C P interconnected )F,Port, routing needed via lsan 1oning to connect initiator to a target$ <eneral 9catch@all) types Auto or auto@sensing port found in Cisco s%itches, can automatically #ecome an )I, ()I, -I, or -9Iport as needed$ F6Aport a generic port that can #ecome a -Iport (%hen connected to a *Iport) or a -9Iport (%hen connected to a *9Iport)$ -ound only on Cisco devices %here oversu#scription is a factor$ <Aport or generic port on a s%itch can operate as an )Iport or -Iport$ -ound on +rocade and 'c2ata s%itches$

2Aport is the loose term used for any ar#itrated loop port, *9Iport or -9Iport$ Also kno%n as 2oop port$ UAport is the loose term used for any ar#itrated port$ Also kno%n as Universal port$ -ound only on +rocade s%itches$$$$$

Port 55* is the -C net%ork 2 for the particular s%itch port$ All entities in an -C net%ork have a 55*$ *ode 55* is the 55* of the node that is connected to a particular port$ n other %ords it is the 55* of the system or storage device!su#system that is connected to the s%itch port n -i#re Channel, there are three different types of loginBPort 9ogin, -a#ric 9ogin, and *ode 9ogin$ (%o can #e corrupted %ith a spoofed A>,#it fa#ric address$ +efore %e discuss ho% spoofing disrupts these processes, letJs discuss the login types first$ FA=R%+ 2O<%( 9F2O<%), $OR" 2O<%( 9$2O<%), A( (O E 2O<%( 9(2O<%)

Fa4ric 2ogin: is performed #!% an *,port and an ),port$ (o log on to the fa#ric, a device sends a flogi frame %ith the %orld %ide *ode name (55**) and %orld%ide port *ame (55P*) parameters to the login service at the %ell kno%n -C address$ $ort 2ogin: is performed #!% an *,port and another *,port to esta#lish a session the intiator *,port sends a plogi request frame to the target *,port, %hich accepts it$ (he target *,port returns an all to the initiator *,port$ (he -a#ric 9ogin (-9"0 ) process allo%s a node to log in to the fa#ric and receive an assigned address from a s%itch$ (he -9"0 occurs %ith any node (*IPort or *9IPort) that is attached to the fa#ric$ (he *IPort or *9IPort %ill carry out the -9"0 %ith a near#y s%itch$ (he node (*IPort or *9IPort) %ill send a -9"0 frame that contains its node name, its *IPort name, and any service parameters$ 5hen the node sends its information to the address of :3-----), it uses the A>,#it source address of :3:::::: #ecause it hasnJt received a legitimate A>,#it address from the fa#ric yet$ (he -9"0 %ill #e sent to the %ell,kno%n fa#ric address of :3-----), %hich is similar to the #roadcast address in an P net%ork (though not the same)$ (he -C s%itches and fa#ric %ill receive the -9"0 at the address of :3-----)$ After a s%itch receives the -9"0 , it %ill give the *IPort or *9IPort a A>,#it address that pertains to the fa#ric itself$ (his A>,#it address %ith #e in the form of 2omain,Area,Port address from, %here the 2omain is the unique domain name ( 2) of the fa#ric, Area is the unique area name ( 2) of the s%itch %ithin the domain, and Port is the unique name ( 2) of each port %ithin the s%itch in the fa#ric$ +elo% ta#le sho%s ho% the A>,#it address is made$ A>,+it addresses !7@=it Address escription "ype D,#it domain Unique domain 2 in a fa#ric$ /alid domain 2s

name D,#it name D,#it name

are #et%een ; and A=E$ area Unique area 2 on a s%itch %ithin a fa#ric$ /alid area 2s are #et%een : and A??$ port Unique area 2 on a s%itch %ithin a fa#ric$ /alid area 2s are #et%een : and A??$

A A>,#it address (port 2) uses the follo%ing formula to determine a nodeJs address: 2omainI 2 3 @??=@ < AreaI 2 3 A?@ < PortI 2 K A> #it Address An e3ample address for and node on the first domain (domain 2 of ;), on the first s%itch (area 2 of :), and the first port (port 2 of ;), %ould #e the follo%ing: ; 3 @??=@ < : 3 A?@ < ; K @??=L (&e3: :3;:::;) After the node has completed the -9"0 and has a valid A>,#it fa#ric address, it %ill perform a Port 9ogin (P9"0 ) to the %ell,kno%n address of :3-----C to register its ne% A>,#it address %ith the s%itchJs name server, as %ell as su#mit information on its @>,#it port 55*, @>,#it node 55*, port type, and class of service$ (he s%itch then registers that A>,#it fa#ric address, along %ith all the other information su#mitted, to the name server and replicates that information to other name servers on the s%itch fa#ric$ -igures A$;> and A$;? sho% the -9"0 and P9"0 processes$

Figure !D17 -9"0 process$

A *ode 9ogin is some%hat similar to a -a#ric 9ogin, #ut instead of logging in to the fa#ric, the node %ould log in to another node directly (node to node communication)$ (he node %ill not receive any information from the fa#ric, #ut %ill receive information from the other node as it relates to )3change 2s ("FI 2 and .FI 2) and session information (SeqI 2 and SeqIC*()$ After this information has #een e3changed, the t%o nodes %ill #egin to communicate %ith each other directly$ F2O<%, $2O<%, A( A RESS S$OOF%(< *o% that %e have esta#lished facts concerning -9"0 , P9"0 , and address spoofing, letJs understand ho% the %eaknesses interrelate them after performing the -9"0 process, an -C node needs to perform a P9"0 to the %ell,kno%n address of :3-----C$ (he P9"0 then registers the A>,#it address of the node to the *ame Server (also referred to as a Simple *ame Server) of the s%itch$ f an entity %ere to spoof their A>,#it fa#ric address and send it to the address of :3-----C, the s%itches %ould see a node performing a P9"0 $ "nce the s%itch receives the information from the P9"0 frame, it %ill register the spoofed A>,#it address of the node to the name serverBthus, polluting the name server %ith incorrect information$ Mou might %onder %hat the #ig deal is since the node has corrupted its o%n information6 ho%ever, consider the fact that the A>,#it address is used for hard and soft 1oning$ -or e3ample, letJs say the A>,#it address of @??=L (&e3: :3;:::;) %as allo%ed to route to nodes in 1one A and no other addresses can access that 1one$ A malicious attacker has the address of @??>; (&e3: :3;:::?) and cannot access that 1one$ (he malicious attacker can spoof (change) their A>,#it address to match @??=L (:3;:::;) and then route frames to the restricted 1one A, despite #eing unauthori1ed to do so$ Spoofing the A>,#it address during P9"0 negates any route, #ased 1oning rules that may have #een applied$ (he simple process of spoofing no% creates the a#ility to route (hop) across hard and soft 1oning rules$ -igure A$;@ sho%s the -9"0 !P9"0 spoofing process$

E) FO(%(< Noning is one method of resource allocation$

Zoning enables servers to more efficiently run a network,

Noning is a logical separation of traffic #et%een host and resources$ Noning can #e categori1ed into three types: $ort Goning: t uses the -C addresses of the physical ports to define 1ones$ n port 1oning, access to data is determined #y the physical s%itch port to %hich a node is connected$ (he -C address is dynamically assigned %hen the port logs on to the fa#ric$ (herefore, any change in the fa#ric configuration affects 1oning$ Port 1oning is also called hard zoning$ Although this method is secure, it requires updating of 1oning configuration information in the event of fa#ric reconfiguration$ 55( Goning: t uses 5orld 5ide *ames to define 1ones$ 55* 1oning is also referred to as soft zoning$ A ma8or advantage of 55* 1oning is its fle3i#ility$ t allo%s the SA* to #e re,ca#led %ithout reconfiguring the 1one information$ (his is possi#le #ecause the 55* is static to the node port$ /i6ed Goning: t com#ines the qualities of #oth 55* 1oning and port 1oning$ Using mi3ed 1oning ena#les a specific port to #e tied to the 55* of a node$ $ersistent =inding: &ost,#ased 1oning can include 55* or 9U* masking, and is typically kno%n as Opersistent #inding$P

2U( mas0ing: 9ogical Unit *um#er 'asking or 9U* masking is an authori1ation process that makes a 9ogical Unit *um#er availa#le to some hosts and unavaila#le to other hosts. H) S"ORA<E +O(+E$"S ) * AS, (AS, SA(,%$SA( Storage: 2ata created #y individuals or #usinesses must #e stored so that it is easily accessi#le for further processing 4 ndividuals 4 2igital cameras, cell phones, hard disks 4 +usinesses 4 &ard disks, )3ternal disk arrays, tape li#raries irect@attached storage 9 AS): (his type of storage connects directly to a server (host) or a group of servers in a cluster$ Storage can #e either internal or e3ternal to the server$ )3ternal 2AS alleviated the challenges of limited internal storage capacity$ Storage area net;or0 9SA(): (his is a dedicated, high,performance -i#re Channel (-C) net%ork to facilitate #lock,level communication #et%een servers and storage$ Storage is partitioned and assigned to a server for accessing its data$ SA* offers scala#ility, availa#ility, performance, and cost #enefits compared to 2AS$ (et;or0@attached storage 9(AS): (his is dedicated storage for file serving applications$ Unlike a SA*, it connects to an e3isting communication net%ork (9A*) and provides file access to &eterogeneous clients$ +ecause it is purposely #uilt for providing storage to file server applications, it offers higher scala#ility, availa#ility, performance, and cost #enefits compared to general purpose file servers$ %nternet $rotocol SA( 9%$@SA(): "ne of the latest evolutions in storage architecture, P,SA* is a convergence of technologies used in SA* and *AS$ P,SA* provides #lock,level communication across a local or %ide area net%ork (9A* or 5A*), resulting in greater consolidation and availa#ility of data$ I) S"ORA<E =OB +O((E+"%V%"#

SA( +onnectivity

(AS +onnectivity

DAS connectivity

13)SA( =OBES ) E/+ * /O E2S, AR+H%"E+"URE, FEA"URES, "#$ES-

(here are +', )'C, &itachi and &P Series of Storage Array +o3es$ Some of Storage Array #o3 models are as follo%s E/+ $roducts Clariion CF=,>:, CF;A:, CFA>:, CF>D:, CFE@:, *S>:, /*F?;::, /*F?=::, /*F??::, /*F?L::, /*FL?::, /*Fe Series, 2'F Series, /'AF etcQ

Fact Sheet E6ample .or V(BE833 9o. Any Environment Array =o6es)
=loc0 +omponents 'in!'a3 2rives Array )nclosure 2rive )nclosure "ptions (2A)) Stand#y Po%er System .aid "ptions CPU!'emory per Array V(BE833 >!;::: AU 2isk Processor )nclosure (*o drives) A?3A$?P SAS!-lash drives 4 A U$ ;?3=$?P SAS!-lash drives 4 = U ;U ;$A75 :!;!;:!=!?!@ ntel Feon ?@::!>D 0+

'a3 +lock Ultra-le3 " 'odules per ;: Array )m#edded " Ports per Array : 'a3 (otal Pors per Array =A A!>!D 0#!s -C 'a3 Ports per Array =A ; 0#ase( iSCS 'a3 (otal Ports per ;@ Array ;: 0#) iSCS 'in!'a3 (otal Ports per ;A Array 'a3 -co) (otal Ports per Array ;@ @ 0#!s SAS +uses (> 9anes per +us) > or D (consumes A or > Ultra-le3 " modules per array) for 2A) Connections Other 'anagement nterfaces 9A* A 3 ;:!;::!;::: Copper 0#) Functional 2imits 'a3 .a% Capacity ;,EL> (+ 'a3 SA* &osts D,;EA 'a3 *um#er of Pools @: 'a3 *um#er of 9U*s D$;EA 'a3 9U* Si1e ;> (+ (/irtual Pool 9U*) 'a3 -ile System Si1e ;@ (+ 'a3imum Usa#le -ile Capacity per F, A?@ (+ +lade +lock "SJs Plus -ile "SJs see ),9a# *avigator and "S Support *AS Support 'atri3 on Po%erlink

Symmetrix VMAX Maximum Drives Architecture Maximum Integrated Directors onnection !y"es Maximum onnectivity 2400 Virtual Matrix Architecture 16 FC, FICON, Giga it !ther"et, i#C#I $% t& 12' %&rt( )e%e")i"g &" c&""ecti&" t*%e 360

Symmetrix VMAX SE

Symmetrix DMX- Symmetrix DMX4 4 950 2400 Direct Matrix Architecture N/A FC, FICON, !#CON, Giga it !ther"et, i#C#I $% t& 64 %&rt( )e%e")i"g &" c&""ecti&" t*%e ' +G ! #,DF 360 Direct Matrix Architecture N/A FC, Giga it !ther"et, i#C#I $% t& 16 %&rt( )e%e")i"g &" c&""ecti&" t*%e ' +G ! #,DF

Virtual Matrix Architecture 2 FC, FICON, Giga it !ther"et, i#C#I $% t& 16 %&rt( )e%e")i"g &" c&""ecti&" t*%e 4 +FC &r G !

Maximum S#D$ 32 +FC &r G !

%orts

#,DF %&rt(-

#,DF %&rt(-

%&rt(-

%&rt(-

%=/ $roducts +' 'id .ange 9evel products 2S?:A: )3press, 2S?;::, 2S?=::, )FP=E?!)FP?A: etcQ +' &igh .ange 9evel Products F /, 2SD:::, 2SD;::, 2SD=::, 2SDL::, 2SDD::

H$ $roducts &P =PA. Product (ypes ./ 3/A, F0Cla(( #t&rage #*(te1( ./ 3/A, 20Cla(( #t&rage #*(te1( ./ P@:::!)/A disk arrays ./ 4400 !"ter%ri(e Virtual Arra* ./ /6000 !"ter%ri(e Virtual Arra* #*(te1( ./ 6400/'400 !"ter%ri(e Virtual Arra* ./ PA:::!'SA disk arrays ./ /2000 G3 M#A Arra* #*(te1( .% PE:::!FP disk arrays ./ /3000 4/ Di(5 Arra*( .% P>::: SA* solutions ./ /4000 G2 #AN #&luti&"(

11)SA( =AS%+S, SA( SE"U$ SA(: GStorage area *et%orkingH , 2edicated high speed net%ork of servers and shared storage devices Provides storage consolidation and centrali1ation -eatures of an array 4 &igh Availa#ility!.edundancy 4 Performance 4 +usiness Continuity 4 'ultiple host connect A SA* is a speciali1ed highRspeed net%ork of storage devices and s%itches connected to computer systems$ (his %hite paper refers to the computer systems as servers or hosts$ A SA* presents shared pools of storage devices to multiple servers$ )ach server can access the storage as if it %ere directly attached to that server$ A SA* supports

centrali1ed storage management$ SA*s make it possi#le to move data #et%een various storage devices, share data #et%een multiple servers, and #ackup and restore data rapidly and efficiently$ n addition, a properly configured SA* facilitates #oth disaster recovery and high availa#ility$ (he SA* components interact as follo%s: ; 5hen a host %ants to access a storage device on the SA*, it sends out a #lockR#ased access request for the storage device$ A SCS commands are encapsulated into -C packets$ (he request is accepted #y the &+A for that host and is converted from its #inary data form to the optical form required for transmission on the fi#er optic ca#le$ = At the same time, the request is packaged according to the rules of the -C protocol$ > (he &+A transmits the request to the SA*$ ? 2epending on %hich port is used #y the &+A to connect to the fa#ric, one of the SA* s%itches receives the request and sends it to the storage processor, %hich sends it on to the storage device$ SA( +omponents (he components of an -C SA* can #e grouped as follo%s and are discussed #elo%: &ost Components$ -a#ric Components$ Storage Components$ Host +omponents (he host components of a SA* consist of the servers themselves and the components that ena#le the servers to #e physically connected to the SA*$ H=As are located in the servers, along %ith a component that performs digitalRtoR optical signal conversion$ )ach host connects to the fa#ric ports through its &+As$ H=A drivers running on the servers ena#le the servers$ operating systems to communicate %ith the &+A$ Fa4ric +omponents All hosts connect to the storage devices on the SA* through the SA* fa#ric$ (he net%ork portion of the SA* consists of the follo%ing fa#ric components: SA( S;itches: SA* s%itches can connect to servers, storage devices, and other s%itches, and thus provide the connection points for the SA* fa#ric$ (he type of SA* s%itch, its design features, and its port capacity all contri#ute to its overall capacity, performance, and fault tolerance$ (he num#er of s%itches, types of s%itches, and manner in %hich the s%itches are interconnected define the fa#ric topology$ -or smaller SA*s, the standard SA* s%itches (called modular s%itches) can typically support ;@ or A> ports (though some =ARport modular s%itches are #ecoming availa#le)$ Sometimes modular s%itches are interconnected to create a faultRtolerant fa#ric$ -or larger SA* fa#rics, directorRclass s%itches provide a larger port capacity (@> to ;AD ports per s%itch) and #uiltRin fault tolerance$

ata Routers: 2ata routers are intelligent #ridges #et%een SCS devices and -C devices in the SA*$ Servers in the SA* can access SCS disk or tape devices in the SA* through the data routers in the fa#ric layer$ +a4les SA* ca#les are usually special fi#er optic ca#les that are used to connect all of the fa#ric components$ (he type of SA* ca#le and the fi#er optic signal determine the ma3imum distances #et%een SA* components and contri#ute to the total #and%idth rating of the SA*$ +ommunications $rotocol -a#ric components communicate using the -C communications protocol$ -C is the storage interface protocol used for most of today$s SA*s$ -C %as developed as a protocol for transferring data #et%een t%o ports on a serial !" #us ca#le at high speeds$ -C supports pointRtoRpoint, ar#itrated loop, and s%itched fa#ric topologies$ S%itched fa#ric topology is the #asis for most current SA*s$ Storage +omponents (he storage components of a SA* are the storage arrays$ Storage arrays include storage processors (SPs)$ (he SPs are the front end of the storage array$ SPs communicate %ith the disk array (%hich includes all the disks in the storage array) and provide the .A 2!9U* functionality$ Storage $rocessors SPs provide frontRside host attachments to the storage devices from the servers, either directly or through a s%itch$ (he server &+As must conform to the protocol supported #y the storage processor$ n most cases, this is the -C protocol$ Storage processors provide internal access to the drives, %hich can #e using a s%itch or #us architecture$ n highRend storage systems, drives are normally connected in loops$ (his #ackRend loop technology employed #y the SP provides several #enefits: &ighRspeed access to the drives A#ility to add more drives to the loop .edundant access to a single drive from SA( $orts and $ort (aming n the conte3t of this document, a port is the connection from a device into the SA*$ )ach node in the SA* )ach host, storage device, and fa#ric component (router or s%itch) has one or more ports that connect it to the SA*$ Ports can #e identified in a num#er of %ays: 55$(: 5orld 5ide Port *ame A glo#ally unique identifier for a port %hich allo%s certain applications to access the port (he -C s%itches discover the 55P* of a device or host and assign a port address to the device$ $ortA% : (or port address) 5ithin the SA*, each port has a unique port 2 that serves as the -C address for the port$ (his ena#les routing of data through the SA* to that port$ (he -C s%itches assign the port 2 %hen the device logs into the fa#ric$ (he port 2 is valid only %hile the device is logged on$ SA( SE"U$ 5hen you$re ready to set up the SA*, complete these tasks

"o prepare the SA( ; Assem#le and ca#le together all hard%are components and install the corresponding soft%are$ a$ Check the versions$ #$ Set up the &+A$ c$ Set up the storage array$ A Change any configuration settings that might #e required$ = (est the integration$ 2uring integration testing, test all the operational processes for the SA* )nvironment$ (hese include normal production processing, failure mode testing, #ackup functions, and so forth$ > )sta#lish a #aseline of performance for each component and for the entire SA*$ )ach #aseline provides a measurement metric for future changes and tuning$ See ESX Server SAN Config ration ! ide for additional information$ ? 2ocument the SA* installation and all operational procedures$ 1!)SA( V%R"UA2 $ROV%S%O(%(<
RA% <roup 4 A Set of 2isks on %hich traditional 9U*s and 'eta 9U*s can #e created$

"raditional 2U( 4 (he amount of physical space allocated is the same as the user capacity seen #y the host server$ (raditional 9U*s cannot #e created on a pool6 they are al%ays created on a .A 2 group$ /eta 2U( 4 A collection of traditional 9U*s can #e striped and!or concatenated together, and presented to a host as a single 9U*$ Additional 9U*s can #e added to a 'eta 9U* dynamically, allo%ing 'eta 9U*s to #e e3panded on the fly$ $ool 4 A group of disk drives for configuring pool (thick and thin) 9U*s$ (here may #e 1ero or more pools in a storage system$ 2isks can only #e a mem#er of one pool, and they cannot also #e in a .A 2 group$ $ool 2U( 4 A logical unit of storage created on a pool$ A pool 9U* can #e either a thin 9U* or a (hick 9U* "hic0 2U( 4 A type of pool 9U* %here physical Space allocated is equal to the user capacity seen #y the host server$ "hin 2U( 4 A type of pool 9U* %here physical Space allocated can #e less than the user capacity seen #y the host server 2U( /igration 4 A feature that dynamically migrate data to another traditional 9U*, pool 9U*, or 'eta 9U* %ithout disrupting running applications$ Availa4le capacity 4 (he amount of actual physical pool space that is currently not allocated for pool 9U*s +onsumed capacity 4 for a pool, this is the space currently used #y all 9U*s in the pool$ -or a thin 9U*, this is the physical space used #y the 9U*$ -or a thick 9U*, this is the host,visi#le capacity used #y the 9U*$

+onsumed +apacity: -or a pool, this is the Space currently used #y all 9U*Ss in the pool$ -or a thin 9U*, this is the physical space used #y the 9U*$ -or a thick 9U*, this is the host,visi#le capacity used #y the 9U*$ +onsumed +apacity J 9User +onsumed +apacity C 1D3!) : 1<=D ata store: 9U* Presented in the Server side is kno%n and called as data store Storage =+K+A +usiness Copy Continuous Access

)3ternal Storage 2isaster .ecovery (ES R) Solid State 2isk (SS )

Allocated capacity 4 see OConsumed capacityP Oversu4scri4ed capacity 4 (he amount of user capacity configured for pool 9U*s that e3ceed the physical capacity in a pool$ Su4scri4ed capacity 4 (he total amount of physical storage capacity in the pool that is availa#le for poll 9U*s this is also referred to as Ousa#le capacity$P t is measured as ra% disk capacity minus overhead (.A 2 overhead and mapping overhead)$ -or pool 9U*, this is the si1e of the 9U* as it appears to the host$ -or pool 9U*s this is sometimes called host visi#le capacity$ L Full 4 (he percentage of pool capacity that is currently consumed t is calculated using this formula T full K consumed capacity ! User capacity L Full "hreshold 4 A parameter that is set #y the user the system generates an alert %hen this threshold is e3ceeded$ "hreshold alert 4 An alert issued %hen the T-ull threshold has #een e3ceeded$ "hin .riendly 4 A term that is frequently used for file systems and applications that do not preallocate all of the storage space during initiali1ation this term is also used for file system that reuses deleted space #efore consuming additional storage$ +oth of these features improve capacity utili1ation in thin provisioning$ Homogeneous $ools: (hese &omogeneous Pools can #e composed of either fi#re channel or SA(A disk drivers$ Heterogeneous $ools: n %hich pools can consist of different types of drives such as -lash, -C, and SA(A drives$ &eterogeneous Pools, like homogeneous pools, support a single .A 2 protection level$ 2U( /as0ing

9U* masking is commonly used for permission management$ 9U* masking is also referred to as selective storage presentation, access control, and partitioning, depending on the vendor$ 9U* masking is performed at the SP or server level6 it makes a 9U* invisi#le %hen a target is scanned$ (he administrator configures the disk array so each server or group of servers can see only certain 9U*s$ 'asking capa#ilities for each disk array are vendor specific, as are the tools for managing 9U* masking$

11)S(A$V%E5 /%RRORV%E5, S(A$V%E5 +2O(ES, SA( +O$# S(A$V%E5 /%RRORV%E5: Snap /ie% is an application that allo%s the creation of either point,in,time copies of storage system data (called Snapshot) or full, local mirrors (called clones)$ (his feature is sometimes can #e accessed directly #y other applications such as development testing$ (hey can also #e used to offload the #ackup activities from production hosts$ 'irror vie% is soft%are designed for disaster recovery solution #y mirroring local production data to a remote disaster recover site$ t provides an online, host independent, mirrored data storage and protection solution that duplicates production site data (primary) to one or t%o secondary sites (secondary!secondarySs) in a campus environment$ (he mirroring is synchronous, meaning that every time a host %rites to the primary array, the secondary array mirrors the %rite #efore an ackno%ledgement is returned to the host$ Salient Features:@ ;) ndependent of server, operating system, net%ork, applications, and data#ase$ A) Centrali1ed, simplified management via )'C *avisphere$ =) Concurrent information access %hen used %ith Snap/ie%$ >) Synchronous .emote 'irroring +et%een (%o C9A.ii"* Systems$ S(A$V%E5 +2O(ES: Provides a full copy of the data on the source 9U* or additional reada#le!%rita#le copies of the mirror data at the remote site Clones %ould #e used for corruption recovery Snap/ie% clones are fully populated point,in,time copies of 9U*s (9ogical units) that allo% incremental synchroni1ation #et%een the source and destination 9U*s$ 5hen com#ined %ith Sanp/ie% snapshots, %hich provide users point,in,time vie%s of data, clones provide fully populated, point,in,time copies, ma3imi1ing users fle3i#ility in using their storage environment tasks %ith minimal impact to the production data$ (hese tasks include: +ackup!recovery Application testing 5arehousing 2ata movements All the a#ove tasks can use the point,in,time copy of the data to minimi1e on the production server$

SA( +O$#: SA* C"PM is a remote replication application$ ( supports the #ulk transfer of data #et%een or %ithin the Storage systems$ +oth Storage Systems do not have to #e Clariion or )'C Systems using SA* C"PM, 2ata can #e transferred from storage system to another storage system %ithout host involvement$ 17)$O5ER$A"H $O5ER$A"H: Po%erPath is a &ost,resident soft%are solution that enhances performance and information availa#ility$ t integrates multiple path !" capa#ilities, automatic load #alancing, and path failover functions into one comprehensive package for use on open server platforms connected to Symmetri3 enterprise storage systems$ Po%erPath ena#les you to do more %ork in a shorter time so you can serve more customers, run more applications, and e3ploit more #usiness opportunities Po%erpath improves the serverSs a#ility to manage heavy storage loads through continuous and intelligent !" #alancing$

FAS" +A"+H: -ast (echnology can #e used to identify and move the #usy 9U*s residing on a set of #usy 2isks to -lash drives and similarly identify and move the 9U*S residing ideal disks to SA(A drives$ (he cast capa#ility is a very po%erful technology that can improve the (C" of enterprises applications storage deployment #y automatically migrating the data sets to right storage,tiers$