Securing Data at Rest
This week brought a couple of important announcments from HP and EMC supporting Cisco’s Storage Media Encryption (SME) technology.http://www.byteandswitch.com/document.asp?doc_id=150282&WT.svl=news2_1http://www.byteandswitch.com/document.asp?doc_id=124653Of course there are many existing approaches to encrypting data at rest. Many tape drive vendors offer this capability and there are appliance vendors that do the same. But just like other intelligent storage services that once resided on a host, an appliance, or a target device, encryption services will likely migrate to the network.Services such as SAN routing, SAN extension, and Storage Virtualization are increasingly being deployed in the network fabric eliminating the need to support multiple devices and multiple administrative models. Fewer devices also mean lower power consumption.Encrypting data at rest should be no different. Leveraging the MDS 9222i or the 18/4-port Multiservice Module (MSM) on the MDS 9500 Director, SAN administrators can deploy a non-disruptive, heterogenous solution that scales with increasing network speeds.What do you think? Where should encryption services typically be placed in a SAN? Should the network fabric provide this service or should customers continue to deploy multiple appliances to deliver the same solution?