TABLE OF CONTENTS
1 INTRODUCTION
2 THE NEED TO ENCRYPT STORAGE DATA
3 THREAT MODEL FOR DATA AT REST AND DATA IN FLIGHT
4 CHOOSING AN ENCRYPTION SOLUTION
5 WHERE AND HOW TO IMPLEMENT ENCRYPTION
  ENCRYPTION IN THE APPLICATION OR DATABASE
  ENCRYPTION IN THE FILE SYSTEM OR OPERATING SYSTEM
  ENCRYPTION IN THE DEVICE DRIVER OR NETWORK INTERFACE
  CENTRALIZED ENCRYPTION ON THE NETWORK
  ENCRYPTION IN THE STORAGE DEVICE
  DECIDING WHICH ENCRYPTION METHOD TO USE
CONCLUSION
INTRODUCTION
IT managers are working hard to ensure the security and integrity of key enterprise data. Damage to data can occur as the result of an intentional attack from a variety of sources, including hackers, terrorists, company competitors, and disgruntled employees. Data can also be damaged by accident, by careless or poorly trained employees. Whether malicious or accidental, the consequences of a threat exploiting a vulnerability can be devastating to the enterprise. Inadequate security can result in the disclosure of confidential data to unauthorized recipients, loss of integrity due to damaged or deleted data, and loss of access to the data. To reduce the risks of exposing or damaging company data, IT managers must evaluate all of their data storage security processes. Organizations that effectively protect their data obtain many benefits, including increased customer trust; reduced losses due to fraud or theft; privacy and integrity of data while at rest or in flight; and the ability to achieve compliance with industry regulations.

Storage encryption is one of the core features of a storage security strategy and is rapidly gaining popularity with enterprises that process and store data. Storage encryption solutions use encryption technologies to secure data whether it is online, backed up, or archived, both in transit (data in flight) and on the storage medium (data at rest). Storage encryption enables enterprises to cost-effectively protect the confidentiality of data stored in their storage infrastructure networks. By encrypting stored data, enterprises gain the ability to protect the company's private data from accidental or malicious intruders, reduce capital expenditures, and achieve savings in data transport costs.
THE NEED TO ENCRYPT STORAGE DATA
The advantages of networked data storage technologies such as network-attached storage (NAS) and storage area networks (SAN) are well established, but having data on a network creates significant security risks. Data that resides in a networked storage environment can be much more vulnerable to unauthorized access, theft, and misuse than data stored in direct-attached storage (DAS) appliances. This is because aggregated storage in a SAN is not designed to compartmentalize the data it contains. As a result of pooling storage, data that originated in different applications or company divisions becomes commingled when stored in the network. Data backups, off-site mirroring, and other data replication techniques further increase the risk of unauthorized access to data from people both inside and outside the company firewall. With storage networks, a single security breach can threaten much larger data repositories than isolated storage systems. Curious or malicious insiders, administrators, partners, hackers, contractors, and outsourced service providers can all gain access to data quite easily. IT managers are seeking storage infrastructure solutions that will help them minimize risks and achieve the following goals:
- Achieving internal and external compliance: complying with external entities and laws, such as PCI, SEC, GLBA, HIPAA, and SOX; maintaining internal security policies and access controls; minimizing the risk of unauthorized access
- Securing intellectual property: maintaining competitive advantage by securing the most important business assets; protecting key data from internal and external attacks
- Reducing TCO: achieving quick, easy, plug-in deployment; minimizing costly changes to storage infrastructure; securing data at rest and data in flight

Current technologies, such as firewalls, Intrusion Prevention Systems (IPSs), and Virtual Private Networks (VPNs), seek to secure data assets by protecting the perimeter of the network. LUN masking and zoning in SAN environments also attempt to address security concerns. Unfortunately, these targeted approaches cannot adequately secure storage if data is still stored in cleartext (that is, data that is transferred or stored without cryptographic protection). Encrypting data at rest on tape and disk, as well as data in transit, significantly mitigates these threats and enables enterprises to secure data while maintaining current service levels for operations.
THREAT MODEL FOR DATA AT REST AND DATA IN FLIGHT
Over the lifespan of data, nearly all media eventually leave the owner's control, either when they are decommissioned at end of life or end of lease or when they are returned for warranty or repair. Loss of physical control applies to all media types: removable media such as tape cartridges, disk drives in servers, and networked storage drives. Even if the media is decommissioned due to end of life or system failure, the data on that media may still be readable. For example, data on the vast majority of failed hard drives can still be read; even drives that were part of a striped array are at risk. Disk striping divides a body of data into blocks and spreads the data blocks across several partitions on several hard disks, but after a failure some data remains on each drive. The typical stripe size in today's arrays is large enough to expose hundreds of customer names and social security numbers.

Some companies require data cleansing before recycling all storage media. However, these methods do not guarantee the elimination of the data. These security processes can be ineffective if human beings misplace or skip any media that need to be sanitized before recycling. Even if all media are cleansed, overwriting media can take hours or days, may miss reallocated portions of the media, or may not work at all under certain failure conditions. There is also no indication of when the processes are complete. It is clear that most methods of data cleansing are imperfect. These issues and the increasing risks of data exposure have rapidly accelerated the widespread interest in encryption. Encryption automatically secures the data when the media leave the owner's control, without dependence on humans and on costly, time-consuming, and imperfect processes.
CHOOSING AN ENCRYPTION SOLUTION
One of the most effective methods of protecting the privacy of data is to encrypt it. Encryption is the process of converting readable cleartext into unreadable ciphertext, which can later be decrypted back into the original content. Encryption technologies can be used to protect an organization's SAN, NAS, tape, and iSCSI data stores. Storage security technology is based on an array of encryption algorithms. However, all encryption algorithms have finite periods of usability. As the existing encryption algorithms age and processor power increases, today's algorithms become progressively more vulnerable to breaking. Earlier encryption algorithms such as DES and 3DES, and hashing algorithms such as MD5 and SHA-1, are now considered to be insecure. Effective encryption solutions should take advantage of the strongest commercially available algorithms, such as AES. It is also important to consider the complete security of a system: encryption is only as strong as its weakest link. If data is encrypted using AES-256, but the keys are stored in cleartext and left in an open operating system, it is fairly easy to compromise the entire system. Because of the changing nature of encryption standards, it is also important that the encryption solution can be upgraded to address emerging standards without requiring full hardware replacement. Effective encryption solutions should provide the following functionality:
- No performance impact: The solution should be able to compress and encrypt data at wire speeds without requiring additional CPU overhead.
- Ease of installation: An effective solution should deploy seamlessly into the current IT environment. Installation should require zero downtime and not cause any disruption to workflow. It should not require any modifications to the hosts, servers, and applications, and it should not necessitate forklift upgrades to storage.
- Strong key management: The solution should provide secure encryption keys and maximize their availability when needed.
- Scalability: As the amount of data grows, the solution should scale cost-effectively.
When selecting an encryption solution, it is also important to make sure that the solution has gone through formal, independent certification. The standard certification body for encryption technologies is the National Institute of Standards and Technology (NIST), which tests and certifies third-party products against a standard called the Federal Information Processing Standard (FIPS). Other certifications, most notably the international Common Criteria standard, are also used to validate that encryption products have been built properly. Without independent validation, it is difficult to be sure that the products perform as promised.
WHERE AND HOW TO IMPLEMENT ENCRYPTION
There are several choices for where and how to implement encryption. Each method imposes some tradeoffs for performance, complexity, and ease of use. The following sections examine the pros and cons of each method.
For data in flight, temporary keys are used and periodically updated. When solutions focus on data at rest, encryption keys protect data for much longer periods of time. This requires that the length of the key and the strength of the encryption are sized appropriately and that key management includes the ability to maintain keys for long periods of time.
Network
- Enables encryption on existing storage devices
- Can selectively encrypt only the data that needs to be encrypted

Storage device
- Provides full disk encryption
- The device can leave the owner's control securely
- Simplifies key management
- No significant performance impact to the system
- Allows encryption to scale linearly and automatically as more storage is added to the system
- No need to classify which data to encrypt

Disadvantages:
- May not work across all vendor storage environments
- May add cost to the device
- Requires a forklift upgrade of existing storage devices
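Two points from the sections above, that keys left in cleartext undo the benefit of AES-256 and that keys for data at rest must stay usable for years, both come down to key management. The following Go program is an added example and is not code from this paper, NetApp or Brocade: it keeps each data-encryption key (DEK) only in wrapped form under a key-encryption key (KEK), tags every stored block with the ID of the DEK that wrote it, binds that ID into the AES-GCM authentication tag, and rotates the KEK by rewrapping the DEK rather than re-encrypting stored data. The type and function names (WrappedKey, Block, WrapDEK, RewrapDEK, and so on) and the sample keys are assumptions made for the example; in a real deployment the KEK would be held in a hardware key manager, not a variable.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// WrappedKey holds a data-encryption key (DEK) only in wrapped form under a key-encryption key (KEK); constructed format, not NetApp's.
type WrappedKey struct {
	KeyID  string // DEK identifier, stored with every block it protects
	KEKID  string // which KEK wrapped it, so KEKs can be rotated over the years
	Nonce  []byte
	Sealed []byte
}

// Block is one encrypted storage unit tagged with the DEK that wrote it.
type Block struct {
	KeyID      string
	Nonce      []byte
	Ciphertext []byte
}

func gcm(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 { // aes.NewCipher would silently accept an AES-128 key
		return nil, fmt.Errorf("expected a 256-bit key, got %d bits", len(key)*8)
	}
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(c)
}

// seal is AES-256-GCM with a label bound as additional authenticated data, so a ciphertext cannot be silently re-filed under another key ID.
func seal(key, plaintext []byte, label string) (nonce, ct []byte, err error) {
	g, err := gcm(key)
	if err != nil {
		return nil, nil, err
	}
	nonce = make([]byte, g.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, g.Seal(nil, nonce, plaintext, []byte(label)), nil
}

func open(key, nonce, ct []byte, label string) ([]byte, error) {
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, nonce, ct, []byte(label))
}

// WrapDEK stores the DEK only under the KEK; the cleartext DEK never reaches disk.
func WrapDEK(kek []byte, kekID, keyID string, dek []byte) (WrappedKey, error) {
	nonce, sealed, err := seal(kek, dek, "dek:"+keyID)
	if err != nil {
		return WrappedKey{}, err
	}
	return WrappedKey{KeyID: keyID, KEKID: kekID, Nonce: nonce, Sealed: sealed}, nil
}

func UnwrapDEK(kek []byte, w WrappedKey) ([]byte, error) {
	return open(kek, w.Nonce, w.Sealed, "dek:"+w.KeyID)
}

// RewrapDEK rotates the KEK without re-encrypting any stored block.
func RewrapDEK(oldKEK, newKEK []byte, newKEKID string, w WrappedKey) (WrappedKey, error) {
	dek, err := UnwrapDEK(oldKEK, w)
	if err != nil {
		return WrappedKey{}, err
	}
	return WrapDEK(newKEK, newKEKID, w.KeyID, dek)
}

// EncryptBlock writes a block under an unwrapped DEK, recording which DEK it used.
func EncryptBlock(dek []byte, keyID string, plaintext []byte) (Block, error) {
	nonce, ct, err := seal(dek, plaintext, "block:"+keyID)
	return Block{KeyID: keyID, Nonce: nonce, Ciphertext: ct}, err
}

func DecryptBlock(dek []byte, b Block) ([]byte, error) {
	return open(dek, b.Nonce, b.Ciphertext, "block:"+b.KeyID)
}

func main() {
	kekA, kekB, dek := make([]byte, 32), make([]byte, 32), make([]byte, 32)
	rand.Read(kekA) // constructed keys; a real KEK lives in a hardware key manager
	rand.Read(kekB)
	rand.Read(dek)
	w, _ := WrapDEK(kekA, "kek-2009", "dek-0001", dek)
	blk, _ := EncryptBlock(dek, w.KeyID, []byte("constructed customer record"))
	w2, _ := RewrapDEK(kekA, kekB, "kek-2010", w) // rotate the KEK; blk is untouched
	dek2, _ := UnwrapDEK(kekB, w2)                // only the new KEK unwraps it now
	fmt.Println(DecryptBlock(dek2, blk))
}
```

The design choice worth noting is that the stored block never carries a key, only a key ID; a drive that leaves the owner's control carries ciphertext and an identifier, and the wrapped DEK plus the KEK are what the key-management system must keep available for as long as the data lives. Re-keying the KEK on a schedule, as the text describes for long-lived keys, touches only the small wrapped-key records.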
Enterprises can now secure sensitive data across the entire organization and manage stored data through NetApp's enterprise-wide foundation of control. NetApp storage security systems deliver nondisruptive, comprehensive protection for sensitive data across the enterprise, for both data at rest and data in flight. NetApp storage solutions enable enterprises to protect intellectual property and confidential information, comply more easily with industry and government regulations, and preserve company reputation by avoiding publicized loss of data.
NETAPP DATAFORT
NetApp DataFort systems combine secure access controls, authentication, storage hardware-based encryption, and secure logging to protect stored data. NetApp DataFort appliances provide protection for the following environments:
- E-Series DataFort appliances: NAS stores and iSCSI storage
- FC-Series DataFort appliances: FC SAN and tape storage media
- S-Series DataFort appliances: SCSI tape environments

NetApp DataFort storage security appliances enable enterprises to secure networked storage by locking down stored data with strong encryption and by routing access for all secured data through secure hardware. The appliances are designed to maximize security without affecting network performance or user workflows. As a result, storage administrators can confidently and quickly encrypt all sensitive data,

With NetApp DataFort appliances, storage and security administrators have the ability to:
- Compartmentalize data in centralized storage devices to provide an additional layer of protection for secure data
- Encrypt and secure data on storage devices and in transit
- Protect backup media, mirrored servers, and disaster recovery sites
- Comply with security and privacy regulations
- Protect sensitive stored data from unauthorized access with secure access controls, authentication, storage encryption, and secure logging
- Generate customizable logs to track relevant events, record a history of administrative actions, and identify who is trying to intrude into the network
- Fend off security breaches by using AES 256-bit encryption and a true random number generator to create strong keys that never leave the secure hardware of NetApp DataFort
All NetApp security appliances support creation of administrators with granular, customizable roles. Each administrator role is allowed only a subset of duties, so that responsibilities are distributed among multiple individuals. NetApp DataFort is flexible enough to allow creation of custom administrator roles by combining multiple roles into an administrator that suits a company's unique needs. To provide an irrefutable audit trail for encrypted data access and administrator activity, secure audit logging is available for all NetApp storage security appliances. Each log message can be cryptographically signed, so any attempt to modify the signature or the log entries themselves is detected when the log is verified for integrity and authenticity.
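To make concrete what a signed, verifiable audit log gives an auditor, here is an added Go example; it is not NetApp's log format or code. Each record is signed with an Ed25519 private key that, in the paper's model, would stay inside the appliance's secure hardware, and each record also carries a hash of the previous record's signature, so that editing, deleting or reordering records breaks verification, not only editing them. The Entry type, the Seq|Prev|Msg payload layout, the function names and the sample admin events are all assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Entry is one signed audit record. Prev chains it to the record before it, so
// deleting or reordering records is detectable as well as editing them.
// Constructed illustration of a signed log, not NetApp's actual log format.
type Entry struct {
	Seq  int
	Msg  string
	Prev string // hex SHA-256 of the previous entry's signature, "" for the first
	Sig  string // hex Ed25519 signature over Seq|Prev|Msg
}

func payload(seq int, prev, msg string) []byte {
	return []byte(fmt.Sprintf("%d|%s|%s", seq, prev, msg))
}

func link(sigHex string) string {
	h := sha256.Sum256([]byte(sigHex))
	return hex.EncodeToString(h[:])
}

// Append signs a new record with the appliance's private key (which, in the
// text's model, never leaves the secure hardware) and links it to the tail.
func Append(log []Entry, priv ed25519.PrivateKey, msg string) []Entry {
	prev := ""
	if n := len(log); n > 0 {
		prev = link(log[n-1].Sig)
	}
	seq := len(log)
	sig := ed25519.Sign(priv, payload(seq, prev, msg))
	return append(log, Entry{Seq: seq, Msg: msg, Prev: prev, Sig: hex.EncodeToString(sig)})
}

// Verify needs only the public key. It returns -1 if the chain is intact,
// otherwise the index of the first entry that fails. expectedLen comes from an
// independent record (for example a counter the auditor keeps), because a
// chain alone cannot reveal that its tail was cut off.
func Verify(log []Entry, pub ed25519.PublicKey, expectedLen int) (int, error) {
	if len(log) != expectedLen {
		return len(log), fmt.Errorf("expected %d entries, found %d", expectedLen, len(log))
	}
	prev := ""
	for i, e := range log {
		if e.Seq != i || e.Prev != prev {
			return i, fmt.Errorf("entry %d: chain broken (deleted or reordered record)", i)
		}
		sig, err := hex.DecodeString(e.Sig)
		if err != nil || !ed25519.Verify(pub, payload(e.Seq, e.Prev, e.Msg), sig) {
			return i, fmt.Errorf("entry %d: signature does not match contents", i)
		}
		prev = link(e.Sig)
	}
	return -1, nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	var log []Entry
	for _, m := range []string{ // constructed sample events
		"admin=alice action=create-role role=backup-operator",
		"admin=bob action=export-key key=dek-0001 result=denied",
		"admin=alice action=unlock-volume vol=finance",
	} {
		log = Append(log, priv, m)
	}
	fmt.Println(Verify(log, pub, len(log))) // -1 <nil>
	log[1].Msg = strings.Replace(log[1].Msg, "denied", "granted", 1)
	fmt.Println(Verify(log, pub, len(log))) // 1 entry 1: signature does not match contents
}
```

Because verification uses only the public key, the check can run on a separate auditing host that never holds the signing key, which is the property that makes the trail irrefutable rather than merely self-consistent. The expectedLen parameter is the one piece of state the chain cannot protect on its own: an external count, or a periodically exported "latest signature" anchor, is what catches a log that has simply been cut short.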
BROCADE ENCRYPTION
NetApp and Brocade have developed a joint fabric-based data encryption approach that delivers nondisruptive encryption and provides a centralized point of management for storage security and key management. The joint solution helps to enable a whole new level of encryption performance by giving customers the ability to quickly and easily encrypt corporate data for increased security and compliance with simplified policy management. Additionally, the incorporation of NetApp technology enables NetApp customers to operate the Brocade Encryption Switch in NetApp DataFort compatibility mode, serving as a next-generation NetApp DataFort security appliance. The joint encryption solutions are available on the Brocade Encryption Switch, a high-performance, 32-port, auto-sensing 8Gbit/sec Fibre Channel switch, and the Brocade FS8-18 Encryption Blade, which provides the same plug-in storage security services in a 16-port blade for use in the Brocade DCX Backbone. For simplified customer deployment with lower risk, the Brocade data encryption solutions can be implemented without disruption into the fabric and applied to specified data flows. Both encryption products preserve existing and new storage investments by supporting a heterogeneous mix of networked storage systems and providing future support for virtual tape libraries and tape drives. Benefits of the joint NetApp and Brocade solution include:
- No performance impact: Users realize unparalleled encryption processing speeds (up to 96Gbit/sec), which means that they can encrypt without the traditional performance penalty.
- Ease of installation: The solution plugs in to networks that support all heterogeneous servers (including virtual machines) in data center fabrics. Implementation is easy, with nonintrusive deployment into the SAN switching fabric.
- Strong, centralized key management: Protects against electronic and physical attacks. Customers can deploy maximum security through tamper-proof hardware enclosures, key signing, role-based administration, and quorum control with the NetApp Lifetime Key Management solution.
- Enterprise-class scalability: IT can scale storage enterprise-wide and on demand, enabling pay-as-you-grow for quick implementation of data security.
- Minimized operating costs: Low power requirements minimize operating costs as enterprises scale up, lowering the total cost of ownership necessary to encrypt massive amounts of data.
CONCLUSION
Networked storage speeds access to information, but it can also leave data vulnerable. Firewalls and intrusion-prevention systems can secure assets at the perimeter, but data at the storage core can still be exposed to both internal and external attacks. IT organizations are working hard to ensure the security of the company's valuable data assets, complying with regulatory mandates, meeting industry standards for data confidentiality, and ensuring data security against any and all threats. Enterprises that effectively protect key data experience many benefits, including increased customer trust, reduced losses due to fraud or theft, and the ability to comply with industry regulations. NetApp and Brocade provide industry-leading storage encryption and key management capabilities that enable enterprises to achieve security throughout the entire lifecycle of regulated and sensitive data without disrupting applications, clients, servers, or user workflow. For more information about NetApp storage security systems and the joint NetApp and Brocade solution, go to http://www.netapp.com/us/products/storage-security-systems/.
www.netapp.com
2009 NetApp. All rights reserved. Specifications are subject to change without notice. NetApp, the NetApp logo, Go further, faster and Lifetime Key Management are trademarks or registered trademarks of NetApp, Inc. in the United States and/or other countries. All other brands or products are trademarks or registered trademarks of their respective holders and should be treated as such. Using Encryption to Increase the Security of Networked Storage WP-7069-0209