Method and system for governing access to storage device on SAN
First Claim
1. A method of governing access to a storage device connected to a storage area network (SAN), the method comprising:
- at initial setting up of the storage device in relation to a rest of the SAN;
obtaining a first list at the storage device from a SAN repository having stored thereon the first list, repository, wherein access to the storage device by other devices is governed at least in part at the storage device based upon the first list, and wherein each of the other devices is at least one of fully precluded from accessing the storage device, partly precluded from accessing the storage device, and allowed to access the storage device; and
during operation of the SAN;
checking the first list for a requesting device and performing a requested action if the requesting device is not at least partly precluded from accessing the storage device;
if it is time to update the first list after checking the first list and performing the requested action, then querying the SAN to determine if at least one additional other device has entered into communication with the SAN; and
automatically updating the first list to reflect the at least one additional other device so that access to the storage device by the at least one additional other device is also governed at least in part based upon the first list.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention in at least some embodiments relates to improved methods and systems for governing access to SAN data storage devices (or simply “SAN devices”) employed in SAN systems. In some embodiments, the method involves storing a list at a SAN device. The list can be an exclusion list identifying devices that are not allowed to access the SAN device. During normal operation, the SAN device automatically contacts the SAN (or a component of the SAN, such as a SAN switch) to determine the identities of new devices that have entered into communication with the SAN. The SAN device then automatically updates the exclusion list to include those new devices such that, without further instructions, the SAN device is not accessible by those new devices. The method further can relate to the setup and failure recovery of SAN devices employed in SAN systems.
-
Citations
32 Claims
-
1. A method of governing access to a storage device connected to a storage area network (SAN), the method comprising:
-
at initial setting up of the storage device in relation to a rest of the SAN; obtaining a first list at the storage device from a SAN repository having stored thereon the first list, repository, wherein access to the storage device by other devices is governed at least in part at the storage device based upon the first list, and wherein each of the other devices is at least one of fully precluded from accessing the storage device, partly precluded from accessing the storage device, and allowed to access the storage device; and during operation of the SAN; checking the first list for a requesting device and performing a requested action if the requesting device is not at least partly precluded from accessing the storage device; if it is time to update the first list after checking the first list and performing the requested action, then querying the SAN to determine if at least one additional other device has entered into communication with the SAN; and automatically updating the first list to reflect the at least one additional other device so that access to the storage device by the at least one additional other device is also governed at least in part based upon the first list. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method of governing access to a storage device connected to a storage area network (SAN) that is in communication with a plurality of other devices, the method comprising:
-
storing, on a first backup memory device, a first list stored on a SAN switch received at the storage device from the SAN switch, the first list regarding at least one of the other devices that is in communication with the SAN; recovering and storing the first list at the storage device after a failure has occurred; based upon the recovered first list, determining whether the at least one other device is at least one of precluded from accessing the storage device, partly allowed to access the storage device, and fully allowed to access the storage device, and only updating the recovered first list if it is time to update the recovered first list; storing, on at least one of the first backup memory device and a second backup memory device, a second list of each of the other devices that are in communication with the SAN;
recovering the second list after the failure has occurred;comparing the recovered second list with further information obtained from the SAN after the failure has occurred; and determining based upon the comparison whether the other devices in communication with the SAN have changed between a first time prior to the failure and a second time after the failure. - View Dependent Claims (18, 19)
-
-
20. A data storage device for implementation in connection with a storage area network (SAN) that is also in communication with a plurality of other devices, the data storage device comprising:
-
first means for storing data that is capable of being provided onto the SAN; second means for storing a first list of at least one of the other devices that is in communication with the SAN, wherein the first means and second means are respective subportions of a single memory device, wherein the first list is received form a SAN switch having stored thereon the first list; and a control device in communication with each of the first means and the second means, wherein the control device determines whether at least a portion of the data stored by the first means can be accessed by the at least one other device based at least in part upon the first list stored at the second means of the data storage device, wherein the first list is automatically updated to reflect the at least one of the other devices and wherein, subsequent to the automatic updating of the first list, the storage device fully precludes the at least one of the other devices from accessing the storage device. - View Dependent Claims (21, 22, 23)
-
-
24. A data storage device for implementation in connection with a storage area network (SAN) that is also in communication with a plurality of other devices, the data storage device comprising:
-
a primary memory component, wherein data that is capable of being provided onto the SAN is stored in the primary memory component; a second memory component, wherein information regarding at least one of the other devices that is in communication with the SAN is stored in the second memory component, wherein the data and the information are both received at the data storage device from a SAN switch and the information is checked when it is time to update the information; and a controller that is in communication with each of the first and second memory components, wherein a decision made by the controller regarding whether the primary memory component can be accessed by the other devices depends at least in part upon the information stored in the second memory component of the data storage device;
wherein the information is received from a SAN switch having stored thereon the information. - View Dependent Claims (25, 26, 27, 28, 29)
-
-
30. A non-transitory computer-readable medium embodying instructions for a processor to perform a method of managing a data storage device to operate in connection with a storage area network (SAN) that is also in communication with a plurality of other devices, the method comprising:
-
initially obtaining a first set of information at the data storage device from a SAN switch having stored thereon the first set of information, wherein access to the storage device by the other devices is governed at least in part based on the first set; causing the data storage device to query the SAN to determine if at least one additional other device has entered into communication with the SAN; and automatically updating the first set to reflect the at least one additional other device so that access to the storage device by the at least one additional other device is also governed at least in part based upon the first set, wherein the automatic updating of the first set results in an exclusion list being updated to reflect the at least one additional other device and wherein, subsequent to the updating of the first set, the storage device fully precludes the at least one additional other device from accessing the storage device; and a communication link for use in communicating information with a user interface, a backup memory device, and a non-SAN communication link for communicating with a repository that is not in communication with the SAN. - View Dependent Claims (31, 32)
-
Specification