Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

HP Overhauls Storage Security

Vendor prepares encryption switch and tighter integration of compliance and key management

By James Rogers, April 4, 2008, 6:00 PM

HP will overhaul its storage security offerings next week with a souped-up fabric switch, enhanced key management, and an encryption kit for tape libraries and autoloaders.

First up is the C-Series MDS 9222i Storage Media Encryption (SME) switch. “That allows you to encrypt data through any port on the switch,” says Adam Thew, HP’s director of products for nearline products. “It’s basically targeted at legacy tape. This is really for places where they have older environments than LTO 4, where they want to encrypt the data going to virtual tape." He explains that, whereas LTO 4 has native encryption, earlier versions of the technology do not.

”Up until now, if customers had been looking to go to tape level encryption, they have had to upgrade their tape to LTO 4, but this is a solution to avoid that,” says Thew.

HP is not the first vendor to focus its energy on switch fabric encryption. Last year, for example, Cisco teamed up with EMC's RSA division to encrypt data traveling across the network on its family of switches, although users were reluctant to abandon more traditional encryption methods.

HP’s C-Series MDS 9222i is actually OEM’d from Cisco, although Thew told Byte and Switch that the technology can be deployed either as a dedicated switch, the MDS 9222i, or as a blade for HP’s 9000 series switches.

The MDS 9222i encryption switch, plus its software license, is available now, priced at $83,500. The 18/4 encryption blade is also available now, priced at around $50,0000, plus a $27,995 software license.

With HP CEO Mark Hurd looking to boost the vendor’s storage sales, it is hardly surprising that the company is using security to breathe life into this part of its business. As a result, the vendor will also turn its attention to key management and compliance next week.

”We have integrated our Secure Key Manager [device] with our Compliance Log Warehouse [device],” says Thew, referring to the Secure Key Manager device that manages LTO encryption keys and the vendor’s log monitoring appliance. “It’s an API-level integration that we have done that is invisible to the IT administrator.”

With users increasingly looking for better log management, the exec says that it made sense to tie the two products more closely together.

”You can export the logs and the activity information such as when keys are generated, and who authorized them, into the Compliance Log Warehouse,” he says. “This compiles and compresses the information and generates reports in compliance with likes of HIPAA, Sarbanes Oxley, and the EU Data Retention Act.”

Pricing for the Secure Key Manager starts at $100,000, and the Compliance Log Warehouse has a list price of $225,000. Both devices are currently available, although HP says that there is no additional cost for the software client used to open their APIs.

The vendor will also take aim at the smaller environments with a single tape library or autoloader next week with the launch of its StorageWorks Encryption Kit, a memory-stick sized device for storing keys. “It plugs into a USB port on the back of the autoloader or MSL library, and it generates and manages the keys for the encryption process,” says Thew.

The Encryption Kit, which is available in June, priced at $2,500, can handle up to 100 keys, compared to the Secure Key Manager’s 100,000.

”Rule number one of key management is always have two copies,” says Thew, but he admits that the products launched next week will only work with HP kit.

”Today, there is no standard for key management, but we’re actively working on that with other vendors and the Storage Networking Industry Association. I expect that we will have standards to announce in early 2009, and then I think we will see products implementing that standard some time later.”

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.

  • Cisco Systems Inc. (Nasdaq: CSCO)
  • EMC Corp. (NYSE: EMC)
  • Hewlett-Packard Co. (NYSE: HPQ)
  • RSA Security Inc. (Nasdaq: EMC)
  • Storage Networking Industry Association (SNIA)

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Oldest First  |  Newest First  |  Threaded View
    Overcoming the Challenge of Shorter Certificate Lifespans
    Mike Cooper, Founder & CEO of Revocent,  10/15/2020
    US Counterintelligence Director & Fmr. Europol Leader Talk Election Security
    Kelly Sheridan, Staff Editor, Dark Reading,  10/16/2020
    7 Tips for Choosing Security Metrics That Matter
    Ericka Chickowski, Contributing Writer,  10/19/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    How IT Security Organizations are Attacking the Cybersecurity Problem
    How IT Security Organizations are Attacking the Cybersecurity Problem
    The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-4564
    PUBLISHED: 2020-10-20
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea...
    CVE-2020-4748
    PUBLISHED: 2020-10-20
    IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188517.
    CVE-2020-4749
    PUBLISHED: 2020-10-20
    IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link ...
    CVE-2020-4755
    PUBLISHED: 2020-10-20
    IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188595.
    CVE-2020-4756
    PUBLISHED: 2020-10-20
    IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service. IBM X-For...