Performance Improvement of an iSCSI-based Secure Storage Access

K. Kamisaka, S. Yamaguchi, and M. Oguchi (Japan)


SAN, IP storage, iSCSI, IPsec, Encryption, Sequential ac cess


iSCSI protocol, used in building IP-based storage net works, is becoming more important because it realizes con solidation of storage at low cost, since security is a critical issue for the iSCSI protocol, on which remote storage is accessed over the IP networks. iSCSI can employ IPsec, which offers strong encryption. However, IPsec encryption processing degrades the performance of storage access and increases the CPU load of the server. In this paper, for realizing secure storage access ef ficiently on iSCSI networks, we propose the idea of an encryption scheme in the higher-level layer instead of an IPsec encryption scheme. We measured the performance on simple socket communication and on iSCSI communi cation using the proposed model, and compared our pro posed scheme with IPsec. Consequently, our proposed method of encryption in the higher-level layer outperforms that of encryption using IPsec.

Important Links:

Go Back