Internet Small Computer System Interface (iSCSI) is an SCSI transport protocol for mapping of block-orientated storage data over TCP/IP (Transmission Control Protocol/Internet Protocol) networks. iSCSI builds on two widely used technologies—SCSI commands for storage and IP protocols for networking. By carrying SCSI commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. The iSCSI protocol enables universal access to storage devices and storage area networks (SANs). These networks may be dedicated networks or may be shared with traditional Ethernet applications.
In order to configure and manage iSCSI targets, conventional approaches often require a great amount of configuration for a given target, distributing the configuration to different objects (such as the iSCSI initiator), defining a least common denominator configuration for multiple initiators accessing a target, allowing a chat between the iSCSI layer and other network layers such as IPsec, and/or prohibiting some types of access. Under such approaches, the use of short CHAP (Challenge Handshake Authentication Protocol) secrets may be simply disallowed or may be allowed only if the implementation iSCSI layer is allowed to chat with the IPsec layer to determine the security policy in effect on the connections in a session.
Thus, it would be desirable to provide a method for simplifying the configuration and management of iSCSI targets.