When EMC purchased RSA Security last year, experts wondered what the information systems provider would do with the security vendor’s assets.
Would EMC operate RSA separately, or bundle the security technology across its storage systems?
EMC answered that question this week at the RSA Conference 2007 in San Francisco, revealing that it has stitched core RSA security software into its top-of-the-line Symmetrix DMX-3 storage array. EMC also announced a number of encryption and security partnerships and an acquisition at the conference.
The company’s goal is to combine the network security characteristics of firewalls, intrusion prevention systems and endpoint protection with information security, which covers identity management, access and audit management and encryption.
The news was a key part of a keynote session in which EMC CEO Joseph Tucci and former RSA CEO and current EMC Executive Vice President Art Coviello discussed the EMC/RSA integration roadmap, among other security technology enhancements.
For now, Symmetrix Service Credential, Secured By RSA preserves the integrity of the information housed in Symmetrix DMX-3 systems by requiring authentication of users accessing the Symmetrix service processor.
Administrators who want to tap into the Symmetrix must use encrypted credentials and individual passwords; the service credential then authorizes their actions and prevents unauthorized actions.
Did someone say Big Brother is watching?
The new tamper-proof Audit Log allows data center administrators to record and track all service or management activities on a Symmetrix DMX-3 system, including those that could affect the integrity of the information stored in the array.
EMC also spruced up its disk erasure technology with the new Certified Data Erasure capabilities for Symmetrix DMX-3 systems.
EMC Certified Data Erasure makes sure that information on failed drives is erased before they are removed from the system, reducing the risk of sensitive data leaving the company. This feature is in keeping with Department of Defense (DOD) specification 5220.22-M, providing an auditable record of data erasure.
Why roll the RSA security features into the Symmetrix servers?
Bob Wambach, director of EMC Symmetrix product marketing, said customers prefer security tools to be built-in instead of just bolted on, an antiquated method of adding security to storage practiced by rivals like IBM and HP.
He also said the move is the tip of the iceberg for integrating RSA’s IP into EMC systems, but he declined to provide more specifics.
Another new tool, Dynamic Cache Partitioning, lets Symmetrix customers split memory resources in as much as eight partitions for different applications.
While most partitions in mainframes and other servers are static, or unchangeable, these partitions can be expanded or contracted according to performance requirements.
Wambach said EMC has also boosted its asynchronous replication software for copying data over thousands of miles. SRDF/A Reserve Capacity safeguards continuous remote data replication by buffering in-transit data to disk during temporary outages.
The tool can “self-heal around link outages,” Wambach said.
Available in the first quarter, the Symmetrix Service Credential, Audit Log, RAID 6 and enhanced SRDF/A replication capabilities are included with Enginuity operating system release 5772.
Enginuity 5772 will be available as an upgrade from the 5771 operating system for existing Symmetrix DMX-3 customers enrolled in a maintenance plan, or with new Symmetrix DMX-3 purchases.
EMC Certified Data Erasure, 4GB/s support and Dynamic Cache Partitioning will be available as standalone, chargeable offerings.
Partnerships and an Acquisition
EMC’s RSA division also acquired Hyderabad, India-based Valyd Software Private Ltd. for an undisclosed sum and announced strategic partnerships with CipherOptics, Network Appliance’s Decru unit, NeoScale Systems and Epicor|CRS.
Valyd’s software encrypts database and file servers, Coviello said in a meeting with press and analysts Tuesday at the RSA conference.
Coviello said Valyd’s technology fills key holes in RSA’s strategy for enterprise data protection (EDP), the goal of which is to protect the information stored on them from internal and external attacks.
The Valyd software, along with the new strategic partnerships with CipherOptics, Decru, NeoScale and Epicor|CRS, will fortify RSA’s new Database Security Manager and RSA File Security Manager software, both of which will be integrated with RSA Key Manager software.
RSA Database Security Manager will provide data protection for database software from IBM, Microsoft, Oracle, Sybase and Teradata.
RSA File Security Manager preserves data maintained in files, offering centralized management, separation of duties and other security polices.
“The combination of information management and security is paramount,” Coviello said. “Security has to be built more into an information infrastructure for us to be effective.”
EMC CEO Joseph Tucci, who joined Coviello in the media and analyst briefing, fielded a question about what business EMC would jump into next; the storage vendor has already gained enterprise content management by buying Documentum, server virtualization with its purchase of VMware, and security provider RSA in the last few years.
Tucci said he was content with the current state of EMC’s business.
“What I’ve said publicly, and I mean it, is that I like the position we have today,” Tucci said. “Rather than do another large acquisition and put another piece onto the EMC market pie — which we will do eventually — I think right now for 2007, and for foreseeable months after that, I’d like to focus on what we have.”
Tucci also indicated EMC will most likely make small acquisitions to flesh out its portfolio. He declined to make this definitive, however, repeating his mantra: “you never say never.”
The executives also discussed the integration roadmap between the two companies, pointing to the incorporation of RSA security software into EMC’s Symmetrix DMX-3 systems.
Article courtesy of Internet News