StorageSecure is an all-inclusive, secure hardware storage encryption solution that connects to 1Gbe or 10Gbe Ethernet networks over CIFS and NFS and protects shares, folders and files on any NAS filers regardless of vendor. StorageSecure encrypts information based on defined business policies and securely stores the information without impacting ongoing operations or reducing information availability.
StorageSecure securely stores all encryption keys and their associated parameters within hardware. Keys can also be shared with KeySecure, centralized key management solution, that securely stores StorageSecure keys but also other heterogeneous encryption keys for truly centralized key management.
Granular Data Level Protection
Our storage encryption solution, StorageSecure, protects data at the share/folder/file level. By providing granular data level protection, instead of enforcing an all or nothing protection, organizations are able to enforce data-specific authorization based on user privileges, job responsibilities and data location.
Ensures Compliance with Legislative and Regulatory Mandates
Protecting sensitive data at rest is fundamental in ensuring compliance. StorageSecure ensures that sensitive data will be encrypted and rendered unreadable to unauthorized users even as it moves across the different storage tiers, including operations and staff who need to manage the systems but not access the data.Once data is encrypted, it remains encrypted through its lifecycle without any additional intervention.
Backup, replication, and snapshotting applications that work on files on the NAS filers all continue to function exactly as before while the underlying data remains encrypted.
Privileged User Access and Separation of Duties
StorageSecure augments existing access controls defined in Microsoft AD, LDAP, NIS and allows enterprises to strengthen these controls for users and administrators by building upon previously defined identity and access management controls, creating stronger separation of duties. In this way, StorageSecure protects against rogue users and administrators.
Highly Secure and Easy to Deploy
StorageSecure is a “self-contained” appliance. There are no changes to the storage devices, no agents to install, and more importantly, the user does not need to change their daily operations. StorageSecure is placed within the network on an Ethernet connection, configured based on data/information value and user access controls. Data is automatically encrypted and decrypted within the hardware appliance
Integrated with KeySecure for Automated and Centralized Key Management
By combining StorageSecure and SafeNet KeySecure, organizations are able to enforce more robust data access and key management controls while eliminating lost and stolen keys and preventing information access. KeySecure can host backup keys to StorageSecure devices for disaster recovery and maintain a key archive for all deployed and purged keys
•NIST FIPS 140-2 Level 3 (validation in process)
•FIPS-PUB 186: AES (key Length: 256) encryption
•True Random Number Generator(TRNG)
•Key zeroization on security breach
High Availability and Reliability
•Clustering for full redundancy and automatic failover
•Dual hot-swappable power supplies
•Serviceable air filter
•S220: 1GbE network interface
•S280: 10GbE network interface
Supported Directory Services:
•Microsoft Active Directory
• Manage all StorageSecure and KeySecure appliances from a single management console
• Management console uses optional two-factor authentication with role based administration
View Feature & Benefits
• Quorum-based authentication for sensitive security operations such as recovery, initialization, and establishing trusted relationships
Ease of Deployment. SafeNet StorageSecure offers a seamless, non-disruptive deployment that drops into the network between clients and servers, linking them with a high-speed cryptographic path. There are no hosts to configure or software to install. Our storage encryption and security solution, StorageSecure, is ready to encrypt and secure storage transparently without any impact on user experience.
Centralized Policy and Key Management. SafeNet StorageSecure is now part of the Data Encryption and Control offering, such that it is fully integrated into the SafeNet Crypto foundation, including SafeNet KeySecure for key management and data access control policy management. Centralized key management eliminates lost and stolen keys preventing information access. KeySecure can host backup keys to StorageSecure devices for disaster recovery and maintain a key archive for all deployed and purged keys.
Redundancy and High Availability. SafeNet StorageSecure appliances can be clustered with all keys, policies, and configuration information automatically synchronized between cluster members. If one appliance goes offline, the second appliance automatically takes over the combined workload, ensuring that vital encrypted data is always available when needed.
Administration and User Access Controls. SafeNet StorageSecure provides the ability to integrate with user common directory services, such as LDAP, Microsoft AD, and NIS to incorporate existing user access and authentication controls. An additional layer of dual authorization control can be defined within the StorageSecure administration console to further restrict access to sensitive data stored in the storage arrays.
Segregation of Data. Whether used for virtual environments, multi-tenancy, or separation of duties, StorageSecure ensures isolation and granular access to protected data.
Quick and Secure Data Destruction. SafeNet StorageSecure, along with SafeNet KeySecure key management solution, ensure that stored sensitive data has been rendered unreadable in the event the storage appliance needs to be repurposed or the data needs to be destroyed.
View How to Buy