Drive array storage provider 3PAR has integrated lightweight directory access protocol (LDAP) security features into its storage products' operating systems. This means sysadmins can now manage access control for both server and storage resources through one automated facility.
According to 3PAR president and CEO David Scott general server resource access control is managed centrally through Active Directory (AD) for Windows and LDAP for Unix and other operating systems, including Windows. This provides a single point of control for access to server resources for both employees and people external to the business, such as partners and outsourcing agencies.
Scott said: "If a person changes role and their security access privileges are not changed it means there is a security hole. LDAP fixes this. But storage has been almost completely left out. Virtually every storage supplier has its own authentication and access methods."
He says 3PAR customers believe this is a major issue. Having different and non-centralised processes for storage access control and identity management from different vendors leads to mistakes and omissions occurring, meaning data is put at risk from insider leakage and theft.
With LDAP, and AD support, now built into INFORM. it links in to centralised security processes. This makes access changes automatic and uniform across both server and 3PAR storage resources.
Benjamin Woo, an enterprise storage systems VP at IDC, said: "3PAR's native support of a broadly accepted open standard such as LDAP makes logical sense. Given the pervasive implementation of LDAP-based security schemas, customers can now extend their centralised security management platform to storage."
Shopzilla is a 3PAR customer. Burzin Engineer, its VP for infrastructure services, said: "With 3PAR support for LDAP, managing security commonly - across all our resources, including storage - is ... simple and efficient.”
Asked if any other storage vendor provided LDAP facilities, Scott said: "I'm not aware that any other tier one vendor delivers LDAP, except for EMC which does it as an add-on product. With 3PAR it is included with the O/S."
EMC's Celerra can have LDAP facilities.