Ever wondered if the same best practices of SAN zoning are applicable with or without server virtualization? Let me give some pointers to create a stable, manageable & secure SAN zone.
- Always go for Zoning, even if LUN Masking is being used
- Always implement a default zone
- Disable any unused storage ports on the switch to increase security and avoid potential problems
- Use pWWN identification for all Zoning configuration unless D,P identification is required
- Create Zoning aliases and names with only as long as required to allow maximum scaling
- Single Initiator Zoning are to be used with separate zones if a HBA is carrying both types of traffic (eg for tape and disk traffic)
- Use accurate Zoning terminology
- Describe Zoning by enforcement method and identification type
- Always use the vendor given software to validate the zoning configuration
- Zones should use frame-based hardware enforcement
