A rough outline on a possible BSidesLV 2015 talk

I want to do a session at this year's BSidesLV security. This is my rough outline I just threw together of what I would want to cover. Submitted it to the CFP.

Any comments? Critiques? Please tweet at me. @jk47theweapon

Introduction to Storage Network Security

Disclaimer: I am a Principal Technologist at a Storage, Virtualization, and Networking VAR in southeast Pennsylvania. I am also a member of NetApp’s advocate ATeam. I design and deploy solutions for all products we sell. Some are in the vendors below, others are not. I will be as impartial as possible among any pros/cons to any products and technologies below. Security should have no bias.

About Me
Top Vendors
•    NetApp
•    EMC
•    PureStorage
•    Quantum
•    IBM
•    Dell (Compellent/Equallogic)
•    Hitachi
•    Nexenta
•    Nexsan
•    SolidFire
•    Tintri
•    DotHill
•    NEC
•    Cloud (Amazon S3, EMC Atmos, etc)
•    Generic Linux/FreeBSD/Windows
•    Hyperconverged solutions
– VMware
– Nutanix
– Simplivity

•    Block Based Protocols
– FC (FibreChannel)
– FCoE (FibreChannel over Ethernet)
•    File Based Protocols
•    Object Based Storage
– Amazon S3
•    Others
– NDMP for backups
– VMware VSAN

•    FC Switches
•    Ethernet Switches
•    The in between (FCoE), convergence.

Top Weaknesses
• They all run Linux, FreeBSD, or Windows somewhere…

•    Deduplication
•    Compression
•    Encryption
– Key storage and generation
– – The keys to the kingdom
– – Tivoli Key Manager
– – SafeNet
– – Internal
– Self Encrypting Disks
– Encryption Devices
•    WORM (Write Once, Read Many)

Little known but Critical “Filesystems”
•    ASM (Oracle)

Recent issues
•    Heartbleed
•    CodeSpaces
•    Engineering issues (bugs)
• CryptoLocker
• Lost Tapes
– – IRS / Mastercard / TD Bank
•    DOS/DDoS

Administrative connectivity
•    Web API
•    Web GUI
•    Thick GUI
•    CLI
•    Powershell

External influences
•    “Appliances”
– Monitoring applications
– Workflow and automation
•    Who should control what?
•    What passwords were used on install?  Have you changed them? Can you change them?

Hardening & Securing your environment
• FC – Zoning
• NFS – Pluses and minuses to KRB
• SMB/CIFS – So much to do, so little time.
– – Which are you using?
– – Unicode, permissions
• etc

Backup Backup Backup Backup
•    NDMP & DUMPs
• Tape – Are you encrypting?
•    Replication Methods
– VM Based Replication (Zerto/vSphere Replication)
– Backup Software based, etc
•    Methodology
– Online
– Nearline
– Offline
• Are your schedules working?
• Are you really backing up what you think? Crash consistent vs Application Consistent backups.
• When was the last time you tested your backups?
•    Top Backup Software
– NetBackup
– CommVault
– Veeam
– Application based replication/DR
– Oracle DataGuard
– Exchange/SQL CAS & DAG replication

•    Free backup software. No catch. 448-bit encryption. I’ll have 30-50 codes.




Short Abstract:


Data is all around us. We tend to overlook where and how it is stored as a possible attack surface. This session hopes to educate you on how that black box of disks you call a SAN or NAS works, offer tips on how to protect it, and cover what should keep you up at night. In your datacenter, it truly is the heart of your business.


Long abstract:

Your datacenter is full of network switches, fibrechannel switches, disk arrays, file servers, VM Datastores, and backup systems.

What most people don’t realize is the vast number of additional systems and software in place to keep it running. All of these can cause serious gaps in the security coverage of your data protection strategy.

This workshop will be a brain-bending dialog on all the issues we tend to face when assessing an environment.


