Feeds

Storage forensics – it's CSI:Disk array

Red ports don't write, says WiebeTech

Security for virtualized datacentres

Forensic storage developer WiebeTech has developed a pair of write-blocked PCIe adapter cards that connect to devices such as disk drives or arrays, but prevent the host computer from writing to them.

The RedPort cards allow an investigator to study or copy stored data without the risk of accidentally altering it, according to WiebeTech CEO and president James Wiebe. He claimed that if you make a normal host adapter read-only it may still be possible to reverse that in software.

"A primary design task was to ensure that an investigator would not be able to turn a RedPort card into a read/write card by accidentally installing the wrong software drivers," he said. "Thus, either RedPort works write-blocked, or it doesn't work at all."

The reason for doing read-only adapter cards is that WiebeTech's other forensic gear only connects to individual hard drives. That's a bit of a pain if you have a multi-drive array to copy – more so if those drives are part of a SAN or a RAID set.

The RedPort cards each provide two write-protected 4Gig Fibre Channel or Ultra320 SCSI connectors. WiebeTech said they're called RedPort because the ports are red. Actually, they're not – the back panel plates are striped red, but the effect is similar.

They're not cheap – they list at £1,769 and £719 respectively – but that's not much compared to the cost of losing a court case because you damaged the evidence. The cards use ATTO hardware with modified firmware, and are distributed in the UK by AM Micro. ®

New hybrid storage solutions

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.