Authentication. When using iSCSI in a cloud environment, authentication must be handled by an external protocol or application to ensure secure connections.
Data Encryption: the data exchanged between the iSCSI initiator and iSCSI target is not encrypted, which is why an attacker who is able to sniff the data of the wire will also be able to reconstruct the data, or more precisely, the files and directories transferred between the two parties. Additionally, an attacker might also be able to inject his own data into the traffic, thus creating/modifying/deleting arbitrary files on the iSCSI target. To mitigate the risk, the IPsec ought to be used to properly encrypt the communication between the iSCSI endpoints.
https://resources.infosecinstitute.com/topics/cloud/iscsi-security-considerations-cloud/
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
sweetykaur
1 month, 1 week agogloby118
5 months, 2 weeks agoST42
8 months, 3 weeks agoakg001
2 years, 6 months ago