Published: 12 Jan 2006
This hands-on evaluation of three of the top data encryption products reveals differences, both subtle and significant.
WITH DATA LOSS IN THE NEWS SO MUCH LATELY, encryption products are suddenly getting a lot of attention. Storage magazine invited five of the major players--Decru Inc. (now owned by Network Appliance Inc.), Ingrian Networks Inc., Kasten Chase Applied Research Ltd., NeoScale Systems Inc. and Vormetric Inc.--to participate in a review of encryption products. While Decru and Ingrian declined to participate, we were able to review the other three encryption products.
Kasten Chase uses an encryption offload board and agents on each server, and encrypts at the file or folder level. Vormetric uses agents on each server to encrypt selected files or folders on internal or external storage. The NeoScale appliance sits between the server and the SAN, and encrypts all data moving to and from storage.
Kasten Chase's Assurency SecureData Appliance 2.0 and Vormetric's CoreGuard both use an appliance for key storage, policy management and control--data doesn't go through the appliance. With NeoScale's CryptoStor FC, all data passes through the appliance.
There are many similarities among the products. For example, all three allow (and encourage) mirrored devices, as failure of a single encryption system would block access to data. And each product is oriented toward a multitiered security model that permits data access audits and separates operational roles from security and auditor roles. Each system also provides a method of recovering data in case of a complete meltdown of the encryption system, as long as keys have been saved to portable storage.
Setting roles and encryption policies
Before setting up security policies, you must decide on the number of separate roles (such as security officer, auditor, backup operator, storage operator and compliance operator) that will have access to the encryption system. The three appliances also require security policies that define what data will be encrypted. This may be as simple as encrypting all of the data in a particular folder or as complex as encrypting all .txt, .xls or .db files used by a particular program and user ID.
Each type of encryption has its pros and cons. The agent-based method used by Kasten Chase and Vormetric is more flexible: Specific files, folders or application data can be encrypted on any storage device, and multiple host bus adapters (HBAs) per server are easily supported. NeoScale's encryption is Fibre Channel (FC)-only and carried out at the block level, so an entire LUN is either encrypted or not. On the other hand, because Kasten Chase and Vormetric rely on agents on each server, agents must be available for the operating system in use; however the agents can degrade server performance by 5% to 10%. The NeoScale device doesn't impact server performance and is operating system agnostic.
All of these products will encrypt only the data that passes through them. If you have an existing file system that needs to be encrypted, you'll need to rewrite everything in it or copy everything from the old unencrypted store to the new encrypted one. The manufacturers recommend that you do this before allowing user access; if users access the system before a volume is fully encrypted, it could result in files that are only partially encrypted because only the changed blocks are encrypted when a file is altered.
Another thing to keep in mind: Once you buy into one of these systems, there's no simple migration to another encryption product. These products are designed using standard encryption algorithms, but the way they're applied is different, so there's no interoperability among various products. To move from one product to another, you have to decrypt everything using the original product, uninstall, install the second product and re-encrypt all the data
In testing each product, we used Iometer to generate traffic between a server and storage using a Hewlett-Packard DL380 dual-Xeon 2.8GHz server with a QLogic QLA2342 HBA and a Nexsan SATABlade storage subsystem, enabled encryption and re-tested to see how much impact encryption had on throughput. Kasten Chase supplied a Dell PowerEdge 2850 singleprocessor 3.2GHz server with its Crypto-Accelerator card installed. In all three cases, throughput was minimally impacted with encryption working, although server utilization was up 5% to 10% with the Kasten Chase and Vormetric products.
Kasten Chase's Assurency SecureData Appliance 2.0
COST: $62,000 as tested; $34,050 for one appliance, server card and driver
- Software agents and encryption accelerator have minimal impact on server performance
- Supports all types of storage, including tape
- Good scalability
- Good policy management
- Supports only Windows 2000/2003 Server
- Requires XML and Java support in application servers
The assurency SecureData system consists of one or more SecureData Appliances, and one or more servers with the AC 2400 Crypto-Accelerator and Assurency Server Encryption Driver (SED). Servers can run multiple HBAs, and the product works with any type of storage, from directattached IDE to FC. Assurency supports only the Windows 2000 or 2003 Server operating systems. The appliance is used for key storage and management; data doesn't run through it. Appliances can be clustered for high availability.
We set up the Dell PowerEdge 2850 server with AC 2400 and SED, and two appliances as a cluster. The first step in setting up this system is to configure a Sony fingerprint reader, which is used for user authentication. Once the reader is set up, it's plugged into the primary appliance; the quickstart setup then configures the network information and initial security officer configuration.
The quick-start program assumes a clustered installation, although multiple units aren't required. You can also set the system up so that multiple users are required to login to unlock the system. Once the basic setup of the appliance is configured, the board is installed in a server and the SED software is installed.
The user interface is simple and straightforward. Setting up the necessary security roles and policies took little time--we simply created a new folder and moved content into it. There was no measurable difference between file I/O to that folder and an unencrypted folder; there was about a 5% average difference in server utilization.
For data that's no longer needed, Assurency SecureData Destruction features multiple overwrites to ensure deleted data can't be recovered, and can find and remove (decommission) tape as well as replicas.
Because the Assurency system works with data on any type of storage device-- and because of its scalability, flexibility and low impact on server overhead-- it's a good fit for general encryption tasks. But with a price of $6,100 for the AC 2400 Crypto-Accelerator and driver, and $27,950 for the appliance, the overall cost is approximately double that for Vormetric's CoreGuard, which has a somewhat stronger access-control feature set and much broader server operating system support. With no equivalent to the Crypto Accelerator board, CoreGuard may have a higher impact on server utilization.
NeoScale Systems' CryptoStor FC
PLATFORM: Any (no host software required)
- Hardware-based encryption operates at line speed
- No server agents required
- No policy management or access control capabilities
- Separate appliance required for tape
- Supports only Fibre Channel
Neoscale's inline architecture will appeal to administrators who don't like adding agents to their servers, and who are looking for the highest levels of throughput with no impact on server utilization. CryptoStor FC runs at 2Gb/sec and will support 4Gb/sec throughput when it becomes available in the first half of 2006.
However, CryptoStor works only with FC storage and only at the LUN level, so an entire storage device is either encrypted or not. NeoScale has separate appliances for handling tape and storage over WAN (VPN) encryption.
With its wizard-based installation and configuration program, CryptoStor is very simple to set up. Once the network configuration is completed, the rest of the configuration and management is done using CryptoStor's dedicated Web management interface. After the system encryption keys are created, the storage can be attached, the encryption enabled and the disk formatted.
NeoScale's installation procedure assumes that CryptoStor will be installed with a new storage subsystem. It's possible to install the appliance between a server and an existing storage subsystem, but that requires all the data on the storage to be rewritten with an online data prep utility, which encrypts the existing data before it can be made available to users again. This process runs at approximately 500KB/sec. CryptoStor supports storage virtualization that moves blocks via a host agent, but you'll want to check with the virtualization manufacturer to determine whether its product moves blocks or data at the file system or higher level.
The CryptoStor system supports Federal Information Processing Standards (FIPS)-compliant mode, which meets all of the security requirements for government high-security data processing, such as forcing separate roles for a storage administrator and a security officer. But NeoScale lets you combine these roles if you choose not to use the FIPS-compliant mode.
Keys can be exported onto a smart card or into an encrypted file (password and system key protected), and offsite disaster recovery technicians can use a software utility to unencrypt data if necessary.
CryptoStor is a transparent and simple encryption system that produces little or no loss of performance in an FC environment. For administrators who don't have policy enforcement issues or a requirement to keep some data in the clear, CryptoStor is easier to implement and use than agent-based systems.
COST: Starts at $15,000 for one security server and one Policy Enforcement Module (agent)
PLATFORM: Windows, Solaris, AIX, Linux (32- and 64-bit), HP-UX
- Excellent access control
- Flexible storage policy management
- Supports a wide variety of operating system environments
- Allows encryption of specific files or folders
- Easily scales with multiple agents/cards
- Can impact server performance by 5% to 10%
Vormetric's coreguard consists of a security server and one Policy Enforcement Module (agent), and is an extremely flexible system for determining what data is encrypted and which users have access to that data. According to Vormetric, some customers use the system for access control and policy management without enabling the encryption. The system supports a wide range of operating systems, including Windows XP/2000/2003, Red Hat and SUSE Linux, AIX, Solaris 8/9 and HP-UX. Installing the driver is easy, and the impact on server utilization runs from 5% for low loads to nearly 20% under heavy loads.
Setting up the appliance is straightforward: There's a console-based setup utility for network configuration and browser-based administration software for the rest of the configuration. (Unfortunately, the browserbased administration software doesn't work with Firefox.) In addition to a dedicated management Ethernet port and a heartbeat port for failover, CoreGuard has two gigabit Ethernet ports and two gigabit interface converter (GBIC) ports for fiber or copper gigabit Ethernet.
CoreGuard offers a strong feature set for auditing and monitoring data access, as well as tracking user IDs and applications used to access data. It can limit access to files to particular applications, for instance, making a text file accessible through WordPad but not Word. It can protect system files in specific folders (.DLL files in the Windows/System32 folder, for example). Vormetric recommends clustering appliances in a geographically distributed architecture. The system supports auto-replication between appliances. Administrators can set up an offline mode that prompts for passwords and allows access when an appliance is offline or unavailable over a WAN.
The appliance can control which directory an application runs from, so an application with the same name won't run if spyware or a Trojan is installed. A host integrity feature allows administrators to restrict applications on a server to signed applications so other applications won't be permitted to run. When you set up a folder, the folder should be empty because anything in it will be automatically encrypted.
With a starting price of $15,000 for one security server and one Policy Enforcement Module, the CoreGuard system is an extremely flexible encryption and access control system. Its performance is the lowest (server utilization is highest), although in our tests the server was still able to maintain maximum throughput over a 2Gb/sec FC adapter. However, it offers great access control, support for a wide variety of server operating systems and features that might make it a fit for some organizations that don't need encryption, but want greater access control.