HP NonStop VolumeLevel Encryption withDataFort

Agenda About NetApp Storage Security Background Introduction to DataFort Focus on Key Management

About NetApp

Delivering Customer Success 3.0BFY07:FY07: 2.8 2.8 BillionBillion Worldwide, enterprise customers Fastest growing storage company– Outpacing the industry by 3x Data Center proven solutions portfolio 2.0B Industry-leading partners Comprehensive professional services Global support 1B 6500 Employees Fortune 1000 Distributed in 138 countries S&P 500 94,000 installed systems NASDAQ 100

NetApp’s Security Specialists In August 2005 NetApp acquired Decru, anorganization with an extensive security pedigreesolely focused on Storage Security Decru was founded 2001 to solve emerging storagesecurity problems– Regulatory compliance– Identify theft and data privacy– Insider threat The acquisition of Decru has made NetApp the clearleader in storage security, with top tier enterprise andgovernment customers

Storage SecurityBackground

Who Has Access to Sensitive csDocsGeneralCounselStorage Repair/Service StaffDR rsBackupAdministrators

Data Security Business DriversComplianceBestPracticesConsolidationInsider threatReplicationBrand protectionOutsourcing

Encryption ApproachesHost / ApplicationPros: Granular options Encrypted at host Lower cost (SW)Cons: CPU intensive, slow Weak Key Mgt Keys exposed in OS Complex toimplement/manage Poor coverage fordiverse environmentsNetworkPros: Transparent to host,storage, and apps Wire-speed encryptionand compression Strong logging andAccess Control HW-based - providesstrong securityCons: May require additionaldeviceStoragePros: Transparent to host Bundled with HWCons: Immature key mgmt No support fordiverse environments Lock-in to one vendor “Forklift upgrade” Not backwardscompatible in manycases

Information Security CompromisesHigh availability issuesPerformance degradationKey management complexity & securityApplication changes and downtimeDatabase changes requiredIncreased tape media usageChanges to desktops, servers, workflowA proper solution must address all of these concerns.

Introduction to DataFort

NetApp DataFort Storage Security AppliancesDataFort is the industry’s only unified platform forsecuring data at rest across the entire enterprise.DataFort integrates transparently into NAS, DAS, IP-SAN,FC-SAN & Tape (FC/SCSI/VTL) environments, and protectstored data with wire-speed encryption, strong access controls,authentication, and tamper-proof auditing.NAS/DAS/iSCSI: DataFort E-SeriesSAN/Tape: DataFort FC-SeriesSCSI Tape: DataFort S-SeriesLifetime Key Management system for automated,secure enterprise-wide key management

DataFort Storage EncryptionStorage EncryptionData writtento eCryptainer3Data readfrom storageClients/HostsAuthentication/Storage VPNACL EnforcementIPSec/SSL (NAS)Supports AD/NIS/LDAPCrypto-signed loggingAES-256 EncryptedCompartmentalizationMitigates insider threatsInformation sharingSecure Key Management

Example DeploymentDirect Attach Configuration: XP Array or FC Disk Module (FCDM)HP Integrity NonStopserverNetAppDataFortFC-Series(Also S-series NonStop)NetAppLKM ApplianceKM500HP StorageWorksXP ArraysAlso supports:DMCHP FCDisk ModuleDataFortManagementConsoleKeyReplicationPort LockingSAN Host AuthenticationAES-256 EncryptionCryptainer Vaults* DataFort can also be deployed in-line with zero disruption to zones/WWNsSecureReplicationto DR

Example DeploymentXP Array configuration – with FC switchesHP Integrity NonStopserverNetAppDataFortFC-Series(Also S-series NonStop)DMCNetAppLKM ApplianceKM500HP StorageWorksXP ArraysDataFortManagementConsoleKeyReplicationFC switchesPort LockingSAN Host AuthenticationAES-256 EncryptionCryptainer Vaults* DataFort can also be deployed in-line with zero disruption to zones/WWNsSecureReplicationto DR

NetApp Storage Encryption Processor(SEP) Flexible Security Platform Future-Proof– Industry’s only programmableencryption appliance– Field-upgradeable with latestencryption algorithms andnew features– No hard disks Secure– Encryption boundary isphysically encased inhardened epoxy– Cleartext keys never leaveSEP– Hardware-based true randomnumber generator (TRNG)enables high-entropy keys

DataFort Advantages Transparent Deployment––––No application/database changes or downtimeNative support for NFS, CIFS, iSCSI, Fibre Channel, SCSINo software agents required, appliance is OS-agnosticTransparent rekeying enables zero downtime deployment Wire-speed Performance– Supports multi-gigabit line rate speeds– Less than 100 microsecond latency (FC) with ‘Cut-through Crypto’– Tape: Hardware-based compression before encryption Hardware-based Security– Clear-text keys never leave secure hardware– Highest level certifications (FIPS 140-2 Level 3, CC EAL4 underway, DoD5015.2)– Trusted by sensitive military, intelligence, banking customers Secure Enterprise-wide Key Management– Secure key sharing among clusters for availability and informationsharing– Lifetime Key Management system for automated enterprise-widemgmt

Smart CardsSystem CardCryptographic “ignition key” to boot DataFort andaccess encryption keysOnce initialized, each is unique to a particular DataFortAdmin CardProvides 2 factor authentication for adminsRBAC allows multiple admins & rolesCan be shared among DataFortsRecovery CardsRecovery Cards are initialized during install,and can be shared among multiple appliancesQuorum of Recovery Cards (2/5, 3/5, 2/3) isrequired for sensitive key management andrecovery operations, providing role separation

A Commitment to Standards IEEE SISWG: P1619 Encryption standard– Emerging standard for ‘data at rest’ encryption– NetApp was the co-author and continues to lead ANSI T10– Key Management standards for transferring keys between storagedevices over SCSI protocol– NetApp is an active member on this committee Trusted Computing Group (TCG)– Broad standards efforts covering Trusted Processor Modules (TPM), diskdrive based encryption, and key management– NetApp is an active member in the TCG Industry: OpenKey – Co-operative efforts from leading companies to further key managementstandards

Standards Leadership The IEEE Security in Storage workgroup (SISWG) is working onstandards for encrypted storage media. Members of the groups SUNNetAppHitachiOpticaSeagate P1619 – Disk (based on NetApp’s implementation)– Ratified and awaiting final publication P1619.1 – Tape (based on NetApp’s implementation)– Ratified and awaiting final publication P1619.2 - Wide block for disk– Drafts in progress P1619.3 - Key Management - (based on NetApp’s implementation)– Draft 1 being worked

Focus on KeyManagement

NetApp Lifetime Key Management Automated, Secure, Enterprise-Wide Key Management1. Each DataFort applianceprovides automated, selfcontained key management.1Secure22. Keys are automaticallyand securely replicated toadditional cluster nodes.Secure KeyArchiveSecureLKMSecure33. All DataFort appliances across the enterprise replicate keys to NetAppLifetime Key Management (LKM) system, providing automated, secureenterprise-wide key management. Recovery smart cards enforce quorumapproval for sensitive operations.

Key management Objectives Ensure Availability– Keys must be available where and when you need them– Redundancy in Key Management System is crucial Policy Considerations for Key Management– Key Retention– Key Rotation Strong key generation requires the use of truly random numbersgenerated exclusively with hardware devices Keys must be properly protected to prevent unauthorized accessyet ensuring availability when expected to guarantee access toencrypted data. A secure method to destroy key materials at the end of theirusable lifetime is preferential

KM500 System Overview Hardened Appliance– FIPS 140-2 level 3 physical security– Administrator Role Based Administration Control– Tamper evident auditing and logging Storage Encryption Processor (SEP)– System Card for Ignition and physical security– Recovery Cards for LKM recovery– High entropy key source (TRNG) for third-partyencryption endpoint RAID-1 Disk Storage– Synchronous (response only after write completes) Hardened OS– Non-executable stack and heap– Statically linked code

NetApp OpenKeyOpen Interface– OpenKey : Open Interface intoNetApp Key Manager– Complete API– Secure network interfaceAvailable and Secure– High Availability Clustered KeyManager– Enables secure key distribution andkey access controls– Data Policy Management– Robust LKM DR capability thatfacilitate Oracle DR use cases– Hardware based key managementaccess controls

NetApp OpenKey Partner ProgramPartner program that enables development of interoperableencryption and key management solutions Proven -- Builds on a mature and proven key management platform, with over threeyears of deployments, some spanning globally-dispersed data centers Grounded in Standards -- The NetApp program builds on deep security expertise––NetApp co-chair and co-author for P1619, the IEEE standard for storage encryptionInvolved heavily with the Trusted Computing Group and ANSI T10. Whole Solution -- NetApp LKM appliance is a secure, highly-scalable, centrallymanaged platform, and is the only solution that will serve encryption end points forALL open storage protocols NetApp OpenKey API:––––Centralized management of enterprise-wide, distributed security domainsSecure communication channelsHigh entropy key generation with TRNGDevelopers’ kit with system/application requirements, test plans, and deployment guidelines

Who has access to sensitive csDocsGeneralCounselStorage Repair/Service StaffDR rsBackupAdministrators