This is a summary of an interview between SafeNet and NetApp’s Mike Wong, a technical marketing engineer and acting product manager responsible for NetApp storage security solutions. The impetus for this interview was SafeNet’s recent announcement of StorageSecure in partnership with NetApp.
Q: How did NetApp get into the encryption game?
A: NetApp customers store their most valuable data on our equipment and we’ve always believed in providing the strongest security technologies available. In 2005, NetApp acquired Decru, whose flagship products were storage encryption solutions, and I actually came on board in that acquisition. As part of NetApp, we’ve developed innovative ways to protect data at rest, and we’ve also looked to foster partnerships with industry leaders who complement our solution delivery. One of these partners is SafeNet. SafeNet has demonstrated leadership in the encryption and key management space, and has been able to help take our encryption product line to the next level.
Q: So what solutions are available today from SafeNet and NetApp?
A: We currently have KeySecure and StorageSecure. KeySecure is a key manager, and the successor to NetApp LKM appliance. StorageSecure is an Ethernet-based encryption solution that is the successor to DataFort. The SafeNet StorageSecure appliance brings a number of improvements to the original platform. For example, where DataFort was available only in 1 GbE, StorageSecure has both a 1 GbE and a 10 GbE model to handle the increasing data storage needs of our customers today. KeySecure is able to store and manage keys for not just StorageSecure, but a plethora of other encryption products which support the Key Management Interoperability Protocol (KMIP).
The way I like to explain the product interaction between SafeNet and NetApp is that NetApp is the storage at the end of the data path, the customer is the host, and StorageSecure sits in between to encrypt information at the storage level, and then decrypt data at the host level. NetApp is the storage vendor and SafeNet offers products to help our customers protect that storage.
Q: What are some of the common use cases where organizations would need encrypted storage?
A: One of the biggest use cases for encrypted storage is virtualization, which is an area of expertise for NetApp. Many service providers want the ability to compartmentalize their storage systems to offer multi-tenancy. In the old paradigm, if a storage provider had customers A, B and C – who may all be competitors – they would need three separate systems to ensure separation of data. Now, providers are able to combine systems and compartmentalize with virtual storage running a single system. From the customer’s point of view, it looks like they have a separate, dedicated storage system, but really it’s just a virtual environment running on one central machine.
The financial sector has always been keen on encryption. Banks, for example, have been interested for a long time and are using encrypted storage. There’s also been a resurgence in the healthcare industry. This past year, numerous healthcare organizations have been asking for encrypted storage for HIPAA and HITECH compliance.
Many service providers tell me that their customers in other industries are coming to them and asking for encryption options, primarily for regulatory compliance such as PCI and California SB 1386.
Q: What’s unique about StorageSecure and how does that help NetApp customers?
A: The unique thing about StorageSecure is that its encryption is so granular. Storage admins are able to enforce policies, compartmentalize, and separate data in ways that no one else is able to today. StorageSecure provides granular encryption for data at rest, encrypting at the CIFS and NFS level. Storage providers have the choice to able to encrypt at the vFiler level so the entire volume is encrypted, or simply shares within the virtual construct. NetApp customers such as ISPs are now able to offer their clients different tiers of storage, depending on whether they want just compartmentalized storage, or compartmentalized and encrypted storage.
Q: Where can people go to find out more about StorageSecure and NetApp storage solutions?
A: Both NetApp and SafeNet will be at VMworld next week, so attendees can stop by either of our booths for information. NetApp is at booth 1402 and SafeNet is at booth 1901. I’ll actually be presenting in the SafeNet booth at 3pm on Monday and Wednesday about securing storage in virtual environments. We also have several digital resources available on the web. My sessions will be posted to NetAppTV and NetApp.com is always a fantastic resource. For information on StorageSecure, visit http://www.netapp.com/us/products/storage-security-systems/storagesecure-encryption/, and for information on KeySecure visit http://www.netapp.com/us/products/storage-security-systems/key-management/keysecure/.