Comments on: iSCSI Part 3 (or is it part 4) http://thestoragearchitect.com/2007/02/16/iscsi-part-3-or-is-it-part-4/ Storage, Virtualisation & Cloud Fri, 10 Feb 2012 17:47:20 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Killchad http://thestoragearchitect.com/2007/02/16/iscsi-part-3-or-is-it-part-4/#comment-38 Killchad Tue, 03 Jul 2007 14:39:00 +0000 http://thestoragearchitect.wordpress.com/2007/02/16/iscsi-part-3-or-is-it-part-4/#comment-38 Hello - I've yet to see IPSec (or even CHAP for that matter) deployed in small-mid scale iSCSI deployments. While it seems to me that CHAP is a no brainer, and IPSec seems to make logical sense - the tradeoffs go against one of the primary benefits of iSCSI - simple config and ease of use.<br/><br/>IPSec adds some "finicky-ness" - greater dependencies on specific iSCSI targets, and starts to impose a heavy burden on the software initiators (which is also the much, much more widely deployed model)<br/><br/>Just a comment from someone who sees a lot of iSCSI in production environments.<br/><br/>Chad Hello – I’ve yet to see IPSec (or even CHAP for that matter) deployed in small-mid scale iSCSI deployments. While it seems to me that CHAP is a no brainer, and IPSec seems to make logical sense – the tradeoffs go against one of the primary benefits of iSCSI – simple config and ease of use.

IPSec adds some “finicky-ness” – greater dependencies on specific iSCSI targets, and starts to impose a heavy burden on the software initiators (which is also the much, much more widely deployed model)

Just a comment from someone who sees a lot of iSCSI in production environments.

Chad

]]>