Home' RTCA Documents for Review : DO-230H FRAC Contents 191
©2017 RTCA, Inc.
standard TCP/IP over Ethernet to connect the storage to the network, a SAN uses the fiber channel protocol
to connect storage directly to devices/hosts. SANs are more expensive than NAS devices because of the
fiber channel connectivity, but a SAN can be configured to act like a NAS with an iSCSI switch to save
money and this approach should be evaluated in the design process.
SANs are highly redundant through the implementation of multi-pathing and the ability to create fully
redundant fiber meshes in which there are no single points of failure. SANs feature block-level transfers
instead of NAS file-level transfers, which is critical if the database applications read and write data at the
A SAN may provide a higher level of security than a NAS by employing zoning and logical unit number
security. NAS security is typically implemented at the file-system level through traditional operating system
access-control lists. There is also more flexibility for RAID levels; while NAS products do support standard
RAID levels, typically NASs do not provide the flexibility to mix RAID levels within the same device.
For simple file storage, NAS is advantageous because the NAS product interfaces to the IP network as any
other network device. Most IT administrators are familiar with Ethernet LANs and the TCP/IP protocols.
For them, installing NAS storage will require less technical expertise and training than a SAN solution.
Whether a NAS or a SAN is selected, the storage system should enable hard drives to be swapped without
interrupting storage activities, and the system should be able to automatically re-configure drive partitions
and sectors to move data from failed sectors to operating sectors.
Off-Site Remotely Accessible Storage
Off-site data storage is now routinely used for a variety of functions including remote management of IT
functions across an enterprise. Conceptually, the model is similar to the utility models used for electricity,
gas, and water which are usually outsourced by an airport.
Off-site data storage may be contracted to a commercial third-party, commonly known as a Cloud Solution.
Cloud providers such as Amazon, Google, and Microsoft among others, operate data centers which connect
to clients over the Internet. These are large data centers, designed to be physically secure, and employ
sophisticated security measures for client data protection.
An airport might also consider an off-site facility where direct fiber connectivity is available, thereby
bypassing Internet connection issues and enabling the airport to control data access directly. The remote
site may be managed by the airport's IT Department or it may be contracted to a third party, becoming a
private cloud storage site.
Cloud solutions for airports involves trade-offs of risk, performance, and cost among other factors. Data
security is probably not a serious issue for reputable commercial cloud service providers whose data centers
are well protected and are equipped with redundant capabilities, capabilities which many airports cannot
afford to match. Several U.S. Government agencies now use commercial cloud services for information
classified at levels above airport SSI data. Much airport video surveillance streams will not contain SSI
While there is a risk of a cloud service being hacked, the expertise which a major cloud service provider
can apply, including cybersecurity protection, is a high priority. That risk also exists for airport IT systems
where the "insider threat" is a major issue.
If the risk of service interruption is acceptable, i.e., the loss of Internet access over a carrier's lines, then
storing all of some portions or an airport's video streams in the cloud becomes a cost-management trade
off. Having local control of security information is important to airports. Using a cloud service to store non-
Links Archive Navigation Previous Page Next Page