Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/17/2008
10:00 AM
50%
50%

Hifn Hitches Storage to Security

Vendor boils encryption and iSCSI SANs into a hardware/software combo

6:00 PM

By James Rogers
News Editor, Byte and Switch

Hifn is looking to encrypt data at rest by fusing iSCSI SAN software with data acceleration cards, aiming the combined solution at storage OEMs.

Launched last month, the DR 250 and DR 255 acceleration cards -- basic building blocks of the new solution -- contain AES 256-bit encryption and are designed for VPN vendors looking to speed up their wares.

“We have been using [the cards] in the communication space; now we’re using them in the storage arena,” says John Matze, Hifn’s vice president of business development, explaining the recent decision to bundle the cards with Hifn’s Swarm iSCSI software. “We’re putting security on our iSCSI targets. As the data is written to disk, we encrypt it, so all the data is encrypted in case the system is lost or stolen." The bundle is geared toward “your typical tier one and two” storage OEMs.

Matze confirmed that the vendor is in discussions with a number of potential OEM partners, but was unwilling to name any of the firms involved. ”I am allergic to orange jumpsuits,” quipped the exec, but he added that the software/hardware bundle will eventually be targeted at end-users looking to lock down data in branch offices.

FalconStor, Sepaton, and HP already OEM adapter cards from Hifn, and Cisco OEMs the vendor’s network processing chips.

This could be a shrewd move, according to Ben Woo, vice president of enterprise storage systems research at analyst firm IDC: “One of the things that we have recognized is that the mid-market has finally opened its eyes to the benefits of storage networking. Having security through something like encryption becomes paramount.”

Hifn’s iSCSI SAN rival LeftHand Networks also offers encryption on its flagship SAN/IQ offerings, although this is software-based, unlike the Hifn accelerator card, which contains a security processor.

”Software encryption comes with a performance overhead,” says IDC’s Woo, explaining that it makes sense to shift this work to a piece of silicon. “At the end of the day, encryption is a compute-intensive activity -- if you can offload that somewhere else, then you leave the rest of the computer to do something more interesting or more valuable.”

Hifn’s Swarm software, which is based on technology from the vendor's acquisition of Siafu last year, was previously sold as part of an appliance, something which Matze feels limited Hifn’s OEM opportunities.

”I am not going to sell a hardware box to HP, for example,” he says.

Opening up new routes to market will certainly be easier said than done, according to IDC’s Woo.

The big challenge is ‘Hifn who?’” he says, explaining that the vendor lacks name and brand recognition. “Even where they do have brand recognition, they are recognized as a component provider, not as a solution provider.”

Hifn’s storage/security bundle is available now, priced from $4,995.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.

  • Cisco Systems Inc. (Nasdaq: CSCO)
  • FalconStor Software Inc. (Nasdaq: FALC)
  • Hifn Inc. (Nasdaq: HIFN)
  • Hewlett-Packard Co. (NYSE: HPQ)
  • IDC
  • LeftHand Networks Inc.
  • Sepaton Inc.
  • Siafu Software LLC

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 9/21/2020
    Hacking Yourself: Marie Moe and Pacemaker Security
    Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
    Startup Aims to Map and Track All the IT and Security Things
    Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    How IT Security Organizations are Attacking the Cybersecurity Problem
    How IT Security Organizations are Attacking the Cybersecurity Problem
    The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-25595
    PUBLISHED: 2020-09-23
    An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be ...
    CVE-2020-5783
    PUBLISHED: 2020-09-23
    In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.
    CVE-2020-11031
    PUBLISHED: 2020-09-23
    In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library c...
    CVE-2020-5781
    PUBLISHED: 2020-09-23
    In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users.
    CVE-2020-5782
    PUBLISHED: 2020-09-23
    In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection.