News Stay informed about the latest enterprise technology news and product updates.

NetApp carries Toshiba's self-encrypting SSDs

NetApp is the first storage vendor to sell Toshiba’s new highly secure solid-state drives (SSDs).

NetApp hybrid FAS and E-Series arrays will include Toshiba PXO4S 12 Gb per second SAS SSDs, built with Federal Information Processing Standard (FIPS) 140-2 Level 2 encryption.

The self-encrypting SSDs have sequential read and write speeds of up to 1,900 MiBps and 1,100 MiBps.

“Most SAS SSDs have non-encryption versions and encrypted versions. This is different because these SSDs went through a FIPS certification process, which is the highest government-level security,” said Cameron Brett, a director of SSD product marketing at Toshiba’s storage products business unit. “It’s the highest level of security for SAS SSDs because it’s certified by the government. It’s not an easy process. It’s very time-consuming.”

NetApp has shipped the SSDs in arrays since last month.

FIPS is a set of standards that describe document processing, encryption algorithms and other information technology processes for use within non-military federal government agencies and contractors who work with those agencies.

“The FIPS certification is very specific to the components and the firmware,” Brett said. “The drive itself cannot be breached.”

Tom Coughlin, an analyst at Coughlin Associates, said the self-encrypting SSDs are particularly important for data at rest.

“This is an important step for NetApp to make this part of their campaign,” Coughlin said. “They are making it a key part of their offerings and that is the first time I’ve seen that. And this is not software encryption. This is encryption that is built into the storage devices. When it’s built into the drives, the key is more secure.”

Coughlin said software-based encryption carries a large overhead tax for encrypting and decrypting the data.

“Software-based encryption puts overhead on the system whereas drives that are encrypted don’t have that overhead,” he said. “With software encryption, you have to rewrite the data with the encryption or change the keys. With hardware encryption, the data on the drives is always encrypted and the keys never leave the drives. All you need is good, strong passwords.”