Snapmirror security? Stopping man-in-the-middle

Since Snapmirror is a pull method - what stops someone who can packet sniff the network, from pulling volumes off the source filer?

With /etc/snapmirror.allow being the only security on the source, it seems that there is a risk here.

Use case:  OnTap 8.1.1 7-mode, FC SAN w/multiple customers. Customers would replicate over their particular network segments.

Due to FC, can't put any of the volumes in a specific vFiler, must be in vFiler0. 

VLANs could be restricted to snapmirror traffic (good)

Restrictions could be made to limit to IP (good, but not enough)

However, anyone with control over their network would be able to spoof the destination IP.  Then would be able to initiate snapmirrors and pull data from vol0 and potentially other vols that could be discovered.

Any way to stop this?  Am I missing something?

(ipsec looked to be an option, but is not available in OnTap 8 7-mode)


Re: Snapmirror security? Stopping man-in-the-middle

We put snapmirror traffic on the IPSEC tunnel that is setup by outside router.  Also the option snapmirror.check.ip can provide some additional security.