Few vendors have tackled the issue of data encryption on IP storage systems
As deployment of IP storage networks grows, so do the risks. Unlike Fibre Channel-based storage systems, IP storage area networks--and the data stored on them--are vulnerable to the same threats as any other IP device, from hack attacks to worms. But few customers are thinking about this problem, and only a few vendors have begun to address it.
Decru Inc. is one of them. The company next quarter will unveil an encryption appliance for the iSCSI protocol for IP networks. ISCSI converts blocks of data into standard file formats on IP networks, increasing its vulnerability. Priced around $40,000, the system helps reduce vulnerabilities using 256-bit key encryption.
Col. Robert Baker at the U.S. Marine Corps Network Operations and Security Command is an early customer using Decru's IP appliance. "We get encrypted data that's virtually untouchable," he says. "It would take a lot of supercomputers to break the code." Baker hopes some day to deploy the Decru iSCSI appliance out in the field during military operations.
Some of the biggest brands in the storage business have yet to tackle data encryption on their IP storage systems, though IBM says it's adding encryption to its DS6000 in the first quarter. Leading storage vendor EMC Corp. says it has plans early next year to build additional security measures into its content-addressable Centera system that runs on the IP network, including encryption and data compression, as well as indexing, which helps find encrypted and compressed data. EMC envisions the system serving as the basis of an Intel-based encrypted storage network grid. The system already secures information via computer-generated software key codes; without knowing the code, an individual can't gain access to data.
The digital-fingerprint feature was a selling point for Paul Vdovets, director of infrastructure at Adirondack Electronic Markets, an options exchange market-maker, who oversees 8 terabytes of information that's load-balanced between two Centera nodes, backed up by a cluster of hard disks. "The data isn't readily accessible, and intruders wouldn't be able to corrupt it or get access to it," Vdovets says.
One risk is that gateways between IP and Fibre Channel storage networks open up data residing on Fibre Channel SANs to security vulnerabilities, says Eric Hibbard, senior director of data networking at Hitachi Data Systems.
Stephanie Balaouras, an analyst at IT market research firm the Yankee Group, disputes that assessment, saying such intrusions would be blocked at the storage network switch. But she does worry that someone could corrupt data if he or she were able to directly access a switch. "The storage industry hasn't done much to prevent an attack from one person," she says.
Meanwhile, the industry also is contending with the issue of multiple security standards from groups such as the Storage Networking Industry Association, the T11 committee, and the Institute of Electrical and Electronics Engineers, and how they would integrate them, Hibbard says.
Rob Enderle, analyst and founder at IT market research firm the Enderle Group, believes it's ultimately up to the customers to take a more proactive approach to securing their storage systems. "Products are deployed in a knee-jerk way," he says, "and customers aren't stepping up and coming up with a measured approach."
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.