Cisco Plans Storage Security Push

Enterprise Storage Forum content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Cisco Systems plans a fabric-based encryption offering for disk and tape later this year that the company says bests current approaches.

The product will be delivered in the second half of the year, but Cisco has been conducting preliminary briefings to let customers know it’s coming and will issue a press release on the offering next week.

Doug Anderson, product manager of Cisco’s Data Center Business Unit, said that of the possible locations to encrypt data — on the host or tapes, via appliances or on the storage network fabric — Cisco chose to deliver its Storage Media Encryption (SME) of data at rest as a SAN fabric-based service, integrating it into the network so it doesn’t require network changes or new equipment.

Data encryption has become “top of mind for customers,” said Anderson. One reason is the need to comply with data protection and retention regulations such as HIPAA and Sarbanes-Oxley. Another reason is cost: dealing with a lost customer record costs a company $90 without encryption, compared to just $6 if the data is encrypted, said Anderson, citing Gartner.

Anderson said Cisco’s approach minimizes latency and maximizes performance, integrates with existing hardware, software and data center management practices, and provides the flexibility to deliver encryption when and where it’s needed.

The service will be delivered as a module in Cisco’s modular and semi-modular MDS 9500 and 9200 Fibre Channel switches. The first products will encrypt tape and virtual tape (VTL), with encryption for heterogeneous disk storage arrays to be added at a later date.

Anderson said Cisco is working actively on standards and with partners’ APIs to make key management highly available. The solution will be IEEE 1619 AES 256 compliant, the company says.

Cisco says the heterogeneous solution can also encrypt traffic from any virtual SAN (VSAN), with automatic load balancing across multiple SANs, and Cisco Fabric Manager and a command line interface (CLI) approach performs provisioning, key and user management with no need for additional management software. The hardware will also support other SAN services and features.

Cisco says its approach gives it performance, flexibility, scalability and ease of management that host, appliance and storage device-based approaches don’t offer. The company also plans advanced security certifications for the offering.

Cisco isn’t the only storage switch vendor making news this week. Arch rival Brocade claimed at the Storage Decisions show in Chicago this week that its 48000 Director is two to three times more efficient than the Cisco MDS 9513.

Deepak Munjal, Cisco’s Data Center Solutions marketing manager, didn’t dispute the Brocade claim, but pointed out that networking devices only account for about 15 percent of overall data center power consumption. When capacity, performance and features such as integrated routing are factored in, customers may need fewer boxes and less overall power with Cisco switches, he said, calling Brocade’s comparison “simplistic.”

Back To Enterprise Storage Forum

Paul Shread
Paul Shread
eSecurity Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including an award-winning series on software-defined data centers. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.

Get the Free Newsletter!

Subscribe to Cloud Insider for top news, trends, and analysis.

Latest Articles

15 Software Defined Storage Best Practices

Software Defined Storage (SDS) enables the use of commodity storage hardware. Learn 15 best practices for SDS implementation.

What is Fibre Channel over Ethernet (FCoE)?

Fibre Channel Over Ethernet (FCoE) is the encapsulation and transmission of Fibre Channel (FC) frames over enhanced Ethernet networks, combining the advantages of Ethernet...

9 Types of Computer Memory Defined (With Use Cases)

Computer memory is a term for all of the types of data storage technology that a computer may use. Learn more about the X types of computer memory.