 |
|
|
“As we got into the implementation details, it became clear that for usability and support, NeoScale was really the only option.”
- Derek Olson, UNIX Systems Administrator, Qsent |
|
|
|
|
|
CryptoStor® Tape
Enterprise-Class Tape Protection Appliances
NeoScale CryptoStor Tape is a readily deployable, high-speed tape security appliance that compresses, encrypts and digitally signs data as it goes to tape media or virtual tape - without disrupting backup processes. CryptoStor dynamically intercepts backup/restore communications between hosts and tape libraries-centrally managing and fully off-loading tape media security functions. It seamlessly integrates with widely used backup applications and incorporates Global Key Management technology for strong key management and data recovery with the appliance or with a software-only utility.
Tape at Risk
Tape media is considered the most reliable and prevalent source for enterprise data recovery; whether used for remote/tiered backup, centralized secondary storage or bulk data transport. While enterprises have implemented access controls and tighter infrastructure management provisions, such safeguards do not encompass the tape media itself.
Most data stored on removable media can be lost, stolen or compromised. Unauthorized users can readily read tape data, analyze confidential information, and even rebuild entire systems - without a trace. The greater the availability and sensitivity of backup data, the greater the risk.
CryptoStor Tape 700 Family
CryptoStor Tape 700 is a family of security appliances designed to meet the stringent security and performance requirements of larger enterprise customers. CryptoStor Tape 700 is a 2U rack mountable appliance which supports 2 or 4 Fibre Channel connections. It supports hardware-based AES-256, AES-128, and Triple DES encryption; LZS compression; and digital signatures. The appliance is designed to meet FIPS 140-2 Level 3 requirements. Its hot swappable redundant power supplies and fans deliver continuous data center operations. CryptoStor Tape 700 clustering supports redundant designs with automatic policy and key sharing between appliances.
Global Key Management
NeoScale's Global Key Management delivers a tiered strategy for complete key security while ensuring recovery of encrypted tape information from any authorized location.
- Tape Media – Key-per-tape security for maximum granularity
- Appliance – FIPS operation mode ensures that unencrypted keys never leave the appliance. CryptoStor Tape further supports M of N (shared secret) backup and recovery of system keys and configuration data for secure appliance recovery.
- Data Center – CryptoStor Tape clustering automatically shares tape keys and policy data to ensure automated tape recovery via any clustered tape security appliance. If an appliance fails, a replacement appliance can be quickly authenticated and synchronized with the remaining cluster members.
- Enterprise-wide – Using CryptoStor KeyVault, CryptoStor Tape appliances can now support worldwide tape recovery through any authorized CryptoStor Tape appliance or CryptoStor Tape Retrieval Software application. This allows automated and secure sharing of media and keys between datacenters, one-step disaster recovery of keys, and secure sharing of encrypted media with business partners.
Complete Media Protection
Non-Intrusive – Intuitive Web interface incorporates user-defined policies with rules specifying application, WWN, SID, tape label and backup application. System generated or user-entered encryption keys enable unique, pooled or provisioned media protection eliminating the burden of software drivers, agents or hard coded internal keys.
Reliable – Connect Fibre Channel or LVD SCSI ports to readily achieve uninterruptible strong tape encryption and compression at high-speed, sustained tape data-transfer rates. The system manages all key and media cataloging. CryptoStor Tape secure key media transport technology ensures remote or vaulted tape recovery even without hardware.
Secure – On the fly, block-level AES 128 or 256 standards-based encryption/decryption of tape media data. The appliance completely supports role-based secure remote management, true non-deterministic number key generation, encrypt key protection, key/media cataloging and escrow, and media authentication.
Key Applications
- Eliminate in transit and off-site media theft and liability risks
- Compliance with eCommerce, Healthcare, FDA, EU and other privacy legislation
|
