This Content Component encountered an error

Backup hardware-based encryption

Hardware-based encryption related information <<previous|next>>

Encryption appliances reviewed

12 Jan 2006 |

This hands-on evaluation of three of the top data encryption products reveals differences, both subtle and significant.

WITH DATA LOSS IN THE NEWS SO MUCH LATELY, encryption products are suddenly getting a lot of attention. Storage magazine invited five of the major players--Decru Inc. (now owned by Network Appliance Inc.), Ingrian Networks Inc., Kasten Chase Applied Research Ltd., NeoScale Systems Inc. and Vormetric Inc.--to participate in a review of encryption products. While Decru and Ingrian declined to participate, we were able to review the other three encryption products.

A Comparison of Encryption Products
Kasten Chase uses an encryption offload board and agents on each server, and encrypts at the file or folder level. Vormetric uses agents on each server to encrypt selected files or folders on internal or external storage. The NeoScale appliance sits between the server and the SAN, and encrypts all data moving to and from storage.

Kasten Chase's Assurency SecureData Appliance 2.0 and Vormetric's CoreGuard both use an appliance for key storage, policy management and control--data doesn't go through the appliance. With NeoScale's CryptoStor FC, all data passes through the appliance.

There are many similarities among the products. For example, all three allow (and encourage) mirrored devices, as failure of a single encryption system would block access to data. And each product is oriented toward a multitiered security model that permits data access audits and separates operational roles from security and auditor roles. Each system also provides a method of recovering data in case of a complete meltdown of the encryption system, as long as keys have been saved to portable storage.