Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

HP Overhauls Storage Security

Vendor prepares encryption switch and tighter integration of compliance and key management

By James Rogers, April 4, 2008, 6:00 PM

HP will overhaul its storage security offerings next week with a souped-up fabric switch, enhanced key management, and an encryption kit for tape libraries and autoloaders.

First up is the C-Series MDS 9222i Storage Media Encryption (SME) switch. “That allows you to encrypt data through any port on the switch,” says Adam Thew, HP’s director of products for nearline products. “It’s basically targeted at legacy tape. This is really for places where they have older environments than LTO 4, where they want to encrypt the data going to virtual tape." He explains that, whereas LTO 4 has native encryption, earlier versions of the technology do not.

”Up until now, if customers had been looking to go to tape level encryption, they have had to upgrade their tape to LTO 4, but this is a solution to avoid that,” says Thew.

HP is not the first vendor to focus its energy on switch fabric encryption. Last year, for example, Cisco teamed up with EMC's RSA division to encrypt data traveling across the network on its family of switches, although users were reluctant to abandon more traditional encryption methods.

HP’s C-Series MDS 9222i is actually OEM’d from Cisco, although Thew told Byte and Switch that the technology can be deployed either as a dedicated switch, the MDS 9222i, or as a blade for HP’s 9000 series switches.

The MDS 9222i encryption switch, plus its software license, is available now, priced at $83,500. The 18/4 encryption blade is also available now, priced at around $50,0000, plus a $27,995 software license.

With HP CEO Mark Hurd looking to boost the vendor’s storage sales, it is hardly surprising that the company is using security to breathe life into this part of its business. As a result, the vendor will also turn its attention to key management and compliance next week.

”We have integrated our Secure Key Manager [device] with our Compliance Log Warehouse [device],” says Thew, referring to the Secure Key Manager device that manages LTO encryption keys and the vendor’s log monitoring appliance. “It’s an API-level integration that we have done that is invisible to the IT administrator.”

With users increasingly looking for better log management, the exec says that it made sense to tie the two products more closely together.

”You can export the logs and the activity information such as when keys are generated, and who authorized them, into the Compliance Log Warehouse,” he says. “This compiles and compresses the information and generates reports in compliance with likes of HIPAA, Sarbanes Oxley, and the EU Data Retention Act.”

Pricing for the Secure Key Manager starts at $100,000, and the Compliance Log Warehouse has a list price of $225,000. Both devices are currently available, although HP says that there is no additional cost for the software client used to open their APIs.

The vendor will also take aim at the smaller environments with a single tape library or autoloader next week with the launch of its StorageWorks Encryption Kit, a memory-stick sized device for storing keys. “It plugs into a USB port on the back of the autoloader or MSL library, and it generates and manages the keys for the encryption process,” says Thew.

The Encryption Kit, which is available in June, priced at $2,500, can handle up to 100 keys, compared to the Secure Key Manager’s 100,000.

”Rule number one of key management is always have two copies,” says Thew, but he admits that the products launched next week will only work with HP kit.

”Today, there is no standard for key management, but we’re actively working on that with other vendors and the Storage Networking Industry Association. I expect that we will have standards to announce in early 2009, and then I think we will see products implementing that standard some time later.”

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.

  • Cisco Systems Inc. (Nasdaq: CSCO)
  • EMC Corp. (NYSE: EMC)
  • Hewlett-Packard Co. (NYSE: HPQ)
  • RSA Security Inc. (Nasdaq: EMC)
  • Storage Networking Industry Association (SNIA)

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 10/1/2020
    9 Tips to Prepare for the Future of Cloud & Network Security
    Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
    Attacker Dwell Time: Ransomware's Most Important Metric
    Ricardo Villadiego, Founder and CEO of Lumu,  9/30/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    How IT Security Organizations are Attacking the Cybersecurity Problem
    How IT Security Organizations are Attacking the Cybersecurity Problem
    The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-5788
    PUBLISHED: 2020-10-01
    Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/system/admin/certificates/delete action.
    CVE-2020-5789
    PUBLISHED: 2020-10-01
    Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to read the contents of arbitrary files on disk.
    CVE-2020-9486
    PUBLISHED: 2020-10-01
    In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. When a flow was triggered, the flow definition configuration JSON was printed, potentially containing sensitive values in plaintext.
    CVE-2020-9487
    PUBLISHED: 2020-10-01
    In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content. An unauthenticated user could repeatedly request download tokens, ...
    CVE-2020-9491
    PUBLISHED: 2020-10-01
    In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced queues...