This article can also be found in the Premium Editorial Download "Storage magazine: Boosting data storage array performance."
Download it now to read this article plus other related content.
Kasten Chase's Assurency SecureData Appliance 2.0
COST: $62,000 as tested; $34,050 for one appliance, server card and driver
The assurency SecureData system consists of one or more SecureData Appliances, and one or more servers with the AC 2400 Crypto-Accelerator and Assurency Server Encryption Driver (SED). Servers can run multiple HBAs, and the product works with any type of storage, from directattached IDE to FC. Assurency supports only the Windows 2000 or 2003 Server operating systems. The appliance is used for key storage and management; data doesn't run through it. Appliances can be clustered for high availability.
We set up the Dell PowerEdge 2850 server with AC 2400 and SED, and two appliances as a cluster. The first step in setting up this system is to configure a Sony fingerprint reader, which is used for user authentication. Once the reader is set up, it's plugged into the primary appliance; the quickstart setup then configures the network information and initial security officer configuration.
The quick-start program assumes a clustered installation, although multiple units aren't required. You can also set the system up so that multiple users are required to login to unlock the system. Once the basic setup of the appliance is configured, the board is installed in a server and the SED software is installed.
The user interface is simple and straightforward. Setting up the necessary security roles and policies took little time--we simply created a new folder and moved content into it. There was no measurable difference between file I/O to that folder and an unencrypted folder; there was about a 5% average difference in server utilization.
For data that's no longer needed, Assurency SecureData Destruction features multiple overwrites to ensure deleted data can't be recovered, and can find and remove (decommission) tape as well as replicas.
Because the Assurency system works with data on any type of storage device-- and because of its scalability, flexibility and low impact on server overhead-- it's a good fit for general encryption tasks. But with a price of $6,100 for the AC 2400 Crypto-Accelerator and driver, and $27,950 for the appliance, the overall cost is approximately double that for Vormetric's CoreGuard, which has a somewhat stronger access-control feature set and much broader server operating system support. With no equivalent to the Crypto Accelerator board, CoreGuard may have a higher impact on server utilization.
This was first published in January 2006