Feeds

Brocade encryption won't stretch to tape for months

Brocade provides next-gen DataFort

Internet Security Threat Report 2014

Brocade's encrypting switch and blade will be the performance migration path for NetApp's DataFort encrypting appliances, with tape fans having to sit tight until the end of the year.

Brocade announced its Encryption switch and blade strategy on Monday, but was ambivalent about tape support.

Jose Carreon, a Brocade director of infrastructure security marketing, has now confirmed the switch and blade products will be released in two phases with encryption of data on disk storage being supported now and tape drive and VTL support following in December. The December release will also support compression of tape or VTL-destined data.

Brocade and NetApp

The two products use technology from NetApp's encrypting DataFort appliance which NetApp gained through its Decru acquisition of June, 2005.

Carreon said: "We have cross-licensed Decru technology and we can read Decru-encrypted files. We're the migration path for customers needing higher-performance. NetApp has no plans to end-of-life DataFort and may re-purpose it to the edge."

Brocade's encrypting products work at 48Gbit/s in their base configuration and up to 96Gbit/s with a software upgrade, much faster than DataFort.

NetApp's Chief Technology Officer (CTO), Jay Kidd, blogged: "Brocade has new blindingly fast Fibre Channel switches and director blades that integrate almost 100Gbit/s of encrypting bandwidth. ... NetApp will resell the Brocade products as our next generation FC (Fibre Channel) DataFort. We always expected that encryption would become a feature of storage devices, tape drives, and fabric switches and this was our strategic intent when we acquired Decru 3 years ago."

NetApp will resell the Brocade encryption products as its Fibre Channel encryption offering with the DataFort E-Series being its Ethernet-connect offering and the S-Series being its SCSI-connection version.

Carreon said AES-GCM is just a particular version of AES-256. He added that there are two modes of AES-256 encryption, one for disk and one for tape.

Brocade and Cisco

Brocade's encryption products compete with Cisco's SAN fabric 9222i product which encrypts data going to tape and VTL but not, Cisco confirms, disk. (The 9222i includes the Storage Media Encryption functionality with its AES-256 encryption.)

Compared to the Brocade products, Cisco spokesperson Lee Davis said: "Cisco uniquely provides the ability to encrypt data traffic from any Virtual SAN (VSAN). Also, there is no extra software required for Cisco Fabric Manager for Key Management." Cisco can also encrypt traffic between its directors across 8Gbit/s FC links.

What about encrypting data going to drive arrays? "... that capability is being added in a near future release."

Carreon said of the Cisco product: "We're finding customers are not getting the up to 10Gbit/s of encryption performance claimed." Brocade has invited Cisco to an encryption bake-off with an independent third-party producing a report, and Cisco has agreed. Carreon said darkly: "Accepting the invitation is one thing. Showing up to the party is another." ®

Beginner's guide to SSL certificates

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
'Urika': Cray unveils new 1,500-core big data crunching monster
6TB of DRAM, 38TB of SSD flash and 120TB of disk storage
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Oracle hires former SAP exec for cloudy push
'We know Larry said cloud was gibberish, and insane, and idiotic, but...'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.