VMware's Ticking Storage Time Bomb
Thursday, 16 February 2006 by Michel Roth
An article on techworld.com by Steve Duplessie on a possible security risk when “sharing” a Fibre Channel host bus adapters in a ESX enviroment:

"It turns out that the “hypervisors” (VMware, Zen) that let us turn one physical machine into numerous logical machines have a big flaw when it comes to “sharing” a Fibre Channel host bus adapter. The HBA presents a WWN (World Wide Name) to the I/O driver of the server, and that server uses it as it will. In a virtual server mode, all of the server instances can see and access the same HBA - and all the same logical unit numbers (LUN) attached to it. Oops. IBM doesn’t have the issue on it’s own hypervisors for the mainframe, AIX and AS/400s, it appears. Since I’m guessing the majority of VMware installations are for consolidation purposes, which means they're most likely using SANs, I can smell burning metal."

Read the article here.

Related Items:

ESX Server Tech Note: Providing LUN Security (14 March 2006)
Comments (0)add feed
Show/Hide comment formtoggle
password
 

busy