Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

SafeNet Teams With NetApp To Launch Secure Storage Appliance

SafeNet Launches High Security Encryption Appliance for Network Attached Storage (NAS)

SafeNet Launches High Security Encryption Appliance for Network Attached Storage (NAS)

SafeNet, a provider of network security and data protection solutions, entered into the storage security market today with the launch of StorageSecure, a network attached storage (NAS) security appliance that encrypts data granularly over the network at high speeds.

Secure Storage ApplianceStorageSecure was developed in partnership with NAS vendor NetApp, and helps customers mitigate the risk of storage admins accessing high-value data, enables data shredding when needed, and provides a trustworthy audit trail for all StorageSecure-protected data access events.

Using its new secure storage solution, SafeNet says customers gain the benefits of compliance, improved governance, and data security for their mission-critical data at rest.

The company also pointed to insights from Gartner analyst Sid Deshpande who notes that large scale digital content and unstructured data are growing at a fast pace, and as a result an increasing number of users are adopting scalable NAS solutions. Moreover, the consolidation of corporate data, including high-value information, into large centralized repositories such as NAS is ushering in a new set of compliance-related issues and security risks. Multi-tenant NAS environments increases the number of users and storage administrators with access permissions to the same storage environment.

Features offered by SafeNet’s StorageSecure appliances include:

Policy-based Data Security: Granular encryption of data communicated over Common Internet File System (CIFS) and Network File Service (NFS) at the folder level segregating data stored in shared NAS environments ensuring that each user’s data is effectively isolated from unauthorized access by other users and administrators. An additional layer of protection against rogue administrators is unique in the industry.

Enhanced Data Governance: The FIPS 140-2 Level 3 StorageSecure is a tamper-proof network appliance with centralized high-assurance auditing and security management that stores and manages the encryption keys with complete security. This enables a complete audit trail of access events to high-value data stored in NAS.

Investment Protection: StorageSecure integrates within existing IT architectures and uses existing Active Directory, Lightweight Directory Access Protocol (LDAP) or Network Information Service (NIS) security policies and client authentication, and covers any CIFS and NFS communications supporting NAS and file servers.

Cross-platform Key Management: StorageSecure integrates with SafeNet’s Enterprise Key Management solution, KeySecure. KeySecure enables security teams to centrally and uniformly manage cryptographic keys across a wide variety of their organization’s encryption platforms, while at the same time streamlines key and policy administration. Based on the KMIP protocol (the industry standard key management protocol), KeySecure offers key management for StorageSecure, as well as a variety of storage encryption solutions including encryption for SAN by managing keys for Brocade encryption switch (BES)self-encrypted drives used in many new SAN and NAS environments (e.g. NetApp NSE), self-encrypted backup tape drives.

“As data volumes proliferate and breaches become a more common occurrence, organizations need to employ a new mindset that will help protect their digital assets from internal and external threats,” said Sangeeta Anand, corporate vice president and general manager, Data Protection Business Unit at SafeNet. “StorageSecure does just that by employing intelligent storage encryption and high-assurance key management to existing storage solutions. This helps organizations play proactive defense and keep structured and unstructured data safe, secure against insider threats and remain compliant with stringent industry regulations.”

According to Gartner Analyst, Eric Oulette in the July 27, 2012 Hype Cycle for Data and Collaboration Security 2012, organizations that use several disparate/isolated storage data encryption solutions should also consider the benefits of consolidating individual solutions into centralized data center storage encryption to simplify deployment and maintenance cost/efforts and to enable the consistency of encryption policy applicability.

StorageSecure is available immediately with two appliance options – the s220 model suited for 1Gbps networks priced at an MSRP of $40,000, and the s280 model built to tackle 10Gbps network infrastructure with an MSRP of $100,000.

Related Reading: Are You Gambling with Your Mission-Critical Security Assets?

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

Orca Security published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.