In Mission Impossible 2, Tom Cruise runs up to a pay phone in downtown Prague, inserts a magic little device into a common pay phone and says, “Go secure.” He is now using an encrypted line on an existing network and that is exactly what Emulex OneSecure™ adapters allow you to do with your existing Fibre Channel networks. By integrating the Emulex OneSecure adapter’s hardware offload processing capabilities into its EMC® PowerPath® Encryption with RSA® as well as in its EMC CLARiiON® network storage and EMC Celerra® unified storage systems, IT managers can now easily deploy a complete security solution for Fibre Channel-connected hosts that encrypts data without sacrificing server performance, system uptime or stability for high workload data center environments.. We all know that there are dozens of compliance and regulatory reasons for having encryption in your storage network. Emulex and EMC just make it easy to protect the full data path and at a lower cost. That is the real difference with this new solution. As we all know, encryption solutions have been around for many years but in many cases they have often created more problems than they solve. Let’s look at the previous attempts:
- Target-based Solutions – Many disk and tape vendors have been shipping encrypted solutions for several years, however, from a disk storage perspective, they increase costs considerably because you now have to manage and maintain two sets of storage resources. This is diametrically opposed to the core value proposition of storage consolidation which is unifying the storage pool for better utilization, simplified management and lower costs. Additionally, this method does not protect data in-flight and many of the new regulatory rules require data be protected in-flight, such as the Massachusetts data protection law. This means that target-based encryption won’t be a viable enterprise solution for some going forward.
- Fabric/Network-based Encryption – The key challenge with network-based solutions is that they add significant cost to the infrastructure, do not cover every data path that is required and leave a hole on in-flight encryption between the host and the switch/appliance. This, like the target side encryption devices, can create a compliance and regulatory problem for many IT managers.
- Software-based Encryption – The most common answer has been for IT managers to use software-based encryption on the host to provide complete end-to-end encryption, but this requires significant CPU cycles and can affect service level agreements (SLAs) for key applications.
OneSecure: HBA Hardware Off-Load Encryption –OneSecure is therefore unique in the market. It provides full end-to-end encryption in the HBA hardware. Emulex OneSecure adapters off-load the CPU to maximize performance, ensure complete regulatory compliance, eliminate the problems of target-based overhead, lower costs and maintain application level SLAs. These are the reasons why EMC choose to partner with Emulex.
At our 30th anniversary in February last year, we stood on stage with RSA and announced the development of this technology and today, at EMC World, we are now announcing this solution. EMC, RSA and Emulex are confident that this is the right solution to protect your valuable data.
The purpose of our blog are to facilitate an ongoing conversation on what's going on in our industry, with our partners and customers. We encourage your comments. Your ideas and feedback are what makes our blogs interesting, timely and useful for our readers.
We want to publish your comments, however, all comments are moderated. Offensive, off-topic or fraudulent comments won't be approved. We also expect a basic level of civility; disagreements are expected, but mutual respect is a must. We will not post comments that contain vulgar or abusive language; personal attacks of any kind; or offensive terms that target specific ethnic or racial groups. Comments that make accusations will also not be posted.
By submitting a comment, you agree to these terms; having your name displayed with your comment and that you are 18 years old or older. Your name and personal information will not be used for any other purpose, and your e-mail address will not be published.