Cisco Systems plans a fabric-based encryption offering for disk
and tape later this year that the company says bests current
approaches.
The product will be delivered in the second half of the year,
but Cisco has been conducting preliminary briefings to let
customers know it’s coming and will issue a press release on the
offering next week.
Doug Anderson, product manager of Cisco’s Data Center Business
Unit, said that of the possible locations to encrypt data —
on the host or tapes, via appliances or on the storage network
fabric — Cisco chose to deliver its Storage Media Encryption
(SME) of data at rest as a SAN
fabric-based service, integrating it into the network so it doesn’t
require network changes or new equipment.
Data encryption has become “top of mind for customers,” said
Anderson. One reason is the need to comply with data protection and
retention regulations such as HIPAA
and
Sarbanes-Oxley. Another reason is cost: dealing with a lost
customer record costs a company $90 without encryption, compared to
just $6 if the data is encrypted, said Anderson, citing
Gartner.
Anderson said Cisco’s approach minimizes latency and maximizes
performance, integrates with existing hardware, software and data
center management practices, and provides the flexibility to
deliver encryption when and where it’s needed.
The service will be delivered as a module in Cisco’s modular and
semi-modular MDS 9500 and 9200
Fibre Channel switches. The first products will encrypt tape
and virtual tape (
VTL), with encryption for heterogeneous disk storage arrays to
be added at a later date.
Anderson said Cisco is working actively on standards and with
partners’ APIs
to make key management highly available. The solution will be IEEE
1619 AES
256 compliant, the company says.
Cisco says the heterogeneous solution can also encrypt traffic
from any virtual SAN (VSAN), with automatic load balancing across
multiple SANs, and Cisco Fabric Manager and a command line
interface (CLI)
approach performs provisioning, key and user management with no
need for additional management software. The hardware will also
support other SAN services and features.
Cisco says its approach gives it performance, flexibility,
scalability and ease of management that host, appliance and storage
device-based approaches don’t offer. The company also plans
advanced security certifications for the offering.
Cisco isn’t the only storage switch vendor making news this
week. Arch rival Brocade claimed at the Storage Decisions show in
Chicago this week that its 48000 Director is two to three times
more efficient than the Cisco MDS 9513.
Deepak Munjal, Cisco’s Data Center Solutions marketing manager,
didn’t dispute the Brocade claim, but pointed out that networking
devices only account for about 15 percent of overall data center
power consumption. When capacity, performance and features such as
integrated routing are factored in, customers may need fewer boxes
and less overall power with Cisco switches, he said, calling
Brocade’s comparison “simplistic.”
Article courtesy of Enterprise Storage Forum
