Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Proceedings of ICDER-2016
Thyagaraja Murthy A
Associate Professor
Department of Electronics and Communication Engineering
Sri Jayachamarajendra College of Engineering
Mysuru, India
trmsjce@gmail.com
I.
INTRODUCTION
II.
III.
www.iaetsd.in
33
IAETSD 2016
ISBN-13: 978-1537033419
Proceedings of ICDER-2016
IV.
34
IAETSD 2016
ISBN-13: 978-1537033419
Proceedings of ICDER-2016
C.
Considerations:
Will scalability be an issue as data grows?
Is port connectivity, rack space, or power an issue?
Advantages:
Enables encryption on existing storage devices
Can selectively encrypt only the data than needs to be
encrypted.
Advantages:
Information is protected from the server through the SAN to
the storage.
Challenges:
Current solutions tend to focus on data in flight versus data at
rest where there is a possibility of capturing data in flight and
performing an analysis to find the keys and access the data.
D.
Challenges:
Some early solutions added latency to the encryption
process, but newer solutions add less than a millisecond of
delay to ensure that backup windows are maintained in tape
applications.
E.
Storage Devices
Considerations:
Will encryption work across all vendor storage (that is,
heterogeneous) environments?
What kind of key management will be used?
Database or Application
Considerations:
Is all sensitive data in one or two columns in a database?
Will application performances be affected?
Advantages:
Provides full disk encryption.
The device can leave the owners control securely.
Simplifies key management.
No significant performance impact to the system.
Allows encryption to scale linearly automatically as more
storage is added to the system.
No need to classify which data to encrypt.
Advantages:
Minimal performance impact on the application.
Challenges:
Must identify all fields with sensitive or regulated data.
Need to ensure that all changes to application or schema
include whether they should be encrypted.
Difficult to find compatible solutions that use a common key
management infrastructure.
Some applications may not natively support their own
encryption mechanism.
B.
Network
Considerations:
Will interoperability with other SAN devices be an issue?
How many storage devices need to be protected?
A.
Challenges:
May not work across all vendor storage environments.
May add cost to the device.
Requires forklift upgrade of existing storage devices.
VI.
Considerations:
Will it be uniform across all environments and operating
systems?
Will performance be affected or disrupted?
Advantages:
Provides the ability to provision encryption processing
where it is needed.
May allow selective encryption.
Challenges:
www.iaetsd.in
35
IAETSD 2016
ISBN-13: 978-1537033419
Proceedings of ICDER-2016
NETAPP DATAFORT
BROCADE ENCRYPTION
NetApp and Brocade have developed a joint fabric-based
data encryption approach that delivers nondisruptive encryption
and provides a centralized point of management for storage
security and key management. The joint solution helps to enable a
whole new level of encryption performance by giving customers
the ability to quickly and easily encrypt corporate data for
increased security and compliance with simplified policy
management. Additionally, the incorporation of NetApp
technology enables NetApp customers to operate the Brocade
Encryption Switch in NetApp DataFort compatibility mode,
serving as a next-generation NetApp DataFort security appliance.
VII.
CONCLUSION
www.iaetsd.in
36
IAETSD 2016