Emulex has opened up its OneCommand encryption technology with a host-based approach to storage encryption. The company announced OneCommand Guardian and OneCommand Key Manager, based on IBM Tivoli Key Lifecycle Manager technology, which can be deployed on servers using Emulex’s OneSecure adapters, or Emulex’s family of LightPulse 8Gbps Fibre Channel host bus adapters (HBAs).
Emulex’s (NYSE:ELX) OneCommand Guardian software encrypts data at the server and, according to Shaun Walsh, vice president of corporate marketing, can be used with any HBA. The OneCommand Key Manager is Key management Interoperability Protocol (KMIP) compliant and controls data throughout its lifecycle (in-flight and at-rest) by centralizing the key management process.
OneCommand allows for phased deployment, with eLUN migration and replication support, and runs faster using Emulex OneSecure adapters that offload encryption processing from the server, but also works with any Fibre Channel or Fibre Channel over Ethernet (FCoE) adapter.
Walsh said the software makes encryption affordable. “Everyone understands intellectually that they should be doing encryption, but the burden of implementing it has, so far, been too much,” said Walsh. “Encryption is like going to the dentist. Everyone wants it to be as painless as possible.”
Not only can the OneCommand software be dropped into existing SAN infrastructures, but Emulex claims encrypting data at the host is less expensive than traditional security techniques. Director of product management, Brandon Hoff, said the Emulex host-based encryption technology is approximately 30 percent less expensive to implement than the time-honored practice of disk shredding, 50 percent cheaper than self encrypting drives and database encryption technologies, and 70 percent less expensive than encryption switches.
Emulex will begin shipping OneCommand host-based encryption through the channel and partners during the first quarter of 2011.
Follow Enterprise Storage Forum on Twitter.