Perimeter
8/20/2012
09:19 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

SafeNet Delivers New Class Of Crypto To Storage Data

StorageSecure provides a highly secure alternative to full-disk encryption technology

Baltimore August 20, 2012 – Data breaches are accelerating with alarming speed, and traditional breach prevention tactics are simply insufficient to guard organizations’ data from unauthorized access or exposure. Today, SafeNet, a global leader in data protection, extends its comprehensive portfolio of data security solutions into the storage security market with the immediate availability of StorageSecure.

StorageSecure is the industry’s first network attached storage (NAS) security solution that encrypts data granularly over the network at multi Gbps speed. Customers gain the benefits of compliance, improved governance, and data security for their mission-critical data at rest.

Gartner analyst Sid Deshpande notes that large scale digital content and unstructured data are growing at a fast pace, and as a result an increasing number of users are adopting scalable NAS solutions. The consolidation of corporate data, including high-value information, into large centralized repositories such as NAS is ushering in a new set of compliance-related issues and security risks. Multi-tenant NAS environments increases the number of users and storage administrators with access permissions to the same storage environment. To prevent unauthorized access and use of high-value data, as well as enabling effective auditing, customers need to come up with a new method to protect their data.

StorageSecure was developed in partnership with NetApp, the industry leader for NAS solutions, and designed to address these needs. By providing granular encryption, customers can compartmentalize the use of data in NAS, mitigate the risk of storage admins accessing high-value data without affecting their day to day job, enable effective data shredding when needed, and demonstrate trustworthy audit trail for all StorageSecure-protected data access events.

According to Gartner Analyst, Eric Oulette in the July 27,2012 Hype Cycle for Data and Collaboration Security 2012, organizations that use several disparate/isolated storage data encryption solutions should also consider the benefits of consolidating individual solutions into centralized data center storage encryption to simplify deployment and maintenance cost/efforts and to enable the consistency of encryption policy applicability.

StorageSecure provides those benefits to customers, including:

Policy-based Data Security: Granular encryption of data communicated over Common Internet File System (CIFS) and Network File Service (NFS) at the folder level segregating data stored in shared NAS environments ensuring that each user’s data is effectively isolated from unauthorized access by other users and administrators. An additional layer of protection against rogue administrators is unique in the industry.

Enhanced Data Governance: The hardened and trusted FIPS 140-2 Level 3 StorageSecure is a tamper-proof network appliance with centralized high-assurance auditing and security management that stores and manages the encryption keys with complete security. This enables a complete and unmatched audit trail of access events to high-value data stored in NAS

Investment Protection: StorageSecure integrates within existing IT architectures and uses existing Active Directory, Lightweight Directory Access Protocol (LDAP) or Network Information Service (NIS) security policies and client authentication, and covers any CIFS and NFS communications supporting NAS and file servers.

Cross-platform Key Management: As part of SafeNet’s data protection portfolio, StorageSecure integrates with SafeNet’s Enterprise Key Management solution, KeySecureTM . KeySecure enables security teams to centrally and uniformly manage cryptographic keys across a wide variety of their organization’s encryption platforms, while at the same time streamlines key and policy administration. Based on the KMIP protocol (the industry standard key management protocol), KeySecure offers key management for StorageSecure, as well as the widest variety of storage encryption solutions including encryption for SAN by managing keys for Brocade encryption switch (BES)self-encrypted drives used in many new SAN and NAS environments (e.g. NetApp NSE), self-encrypted backup tape drives.

SafeNet Executive Commentary

“As data volumes proliferate and breaches become a more common occurrence, organizations need to employ a new mindset that will help protect their digital assets from internal and external threats. StorageSecure does just that by employing intelligent storage encryption and high-assurance key management to existing storage solutions. This helps organizations play proactive defense and keep structured and unstructured data safe, secure against insider threats and remain compliant with stringent industry regulations.”

- Sangeeta Anand, corporate vice president and general manager, Data Protection Business Unit, SafeNet, Inc.

NetApp Executive Commentary

“Our customers are demanding a scalable solution to manage the security of their data in NAS and SAN environments. With StorageSecure, SafeNet and NetApp are bringing our customers the most advanced and secure enterprise storage security solution available. StorageSecure, especially when combined with SafeNet KeySecure, provides customers with the level of control, management and visibility necessary to enable compliance and overall data security.”

- Tim Russell, vice president, Data Lifecycle Ecosystem group, NetApp

StorageSecure is available today in two appliance options – one suited for 1Gbps networks and the second can address 10Gbps network infrastructure.

Supporting Resources:

· StorageSecure overview: http://www.safenet-inc.com/data-protection/storage-security/storage-secure/

· KeySecure overview: http://www.safenet-inc.com/data-protection/key-management/key-secure/

· Encryption in NAS Environments: Requirements and Keys to Success http://www.safenet-inc.com/data-protection/storage-security/storage-secure/

· Securing Electronic Health Records in Storage: Current Threats—and How SafeNet Solutions Can Help Combat Them http://www.safenet-inc.com/data-protection/storage-security/storage-secure/

· Follow SafeNet on Twitter, Facebook, YouTube and LinkedIn

About SafeNet

Founded in 1983, SafeNet, Inc. is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organizations around the globe. SafeNet’s data-centric approach focuses on the protection of high-value information throughout its lifecycle, from the datacenter to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVE-2012-1317
Published: 2014-04-23
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

CVE-2012-1366
Published: 2014-04-23
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVE-2012-3062
Published: 2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

CVE-2012-3918
Published: 2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

Best of the Web