White Paper: Fibre Channel SecuritySource: Strategic Storage Solutions
By itself, Fibre Channel is not a secure protocol. Without implementing certain security measures within a Fibre Channel SAN, application servers will be able to see al l devices on the SAN and could even write to the same physical disk! The two most common methods of providing security on a Fibre Channel SAN are zoning and LUN masking.
Zoning is a function provided by fabric switches that allows segregation of a node by physical port, name or address. The zones are similar to VLANs in data networking in the way they establish a "virtual SAN" within a SAN. Zoning works by inclusion; zone members have any-to-any connectivity within the zone and non-members have none. Zoning can be implemented using either hardware or software.