This IBM® Redbooks® publication covers the IBM System Storage® SAN32B-E4 Encryption Switch, which is a high-performance stand-alone device designed to protect data-at-rest in mission-critical environments. In addition to helping IT organizations achieve compliance with regulatory mandates and meeting industry standards for data confidentiality, the SAN32B-E4 Encryption Switch also protects them against potential litigation and liability following a reported breach.
Data is one of the most highly valued resources in a competitive business environment. Protecting that data, controlling access to it, and verifying its authenticity while maintaining its availability are priorities in our security-conscious world. Increasing regulatory requirements also drive the need for adequate data security. Encryption is a powerful and widely used technology that helps protect data from loss and inadvertent or deliberate compromise.
In the context of data center fabric security, IBM provides advanced encryption services for Storage Area Networks (SANs) with the IBM System Storage SAN32B-E4 Encryption Switch. The switch is a high-speed, highly reliable hardware device that delivers fabric-based encryption services to protect data assets either selectively or on a comprehensive basis. The 8 Gbps SAN32B-E4 Fibre Channel Encryption Switch scales nondisruptively, providing from 48 up to 96 Gbps of encryption processing power to meet the needs of the most demanding environments with flexible, on-demand performance. It also provides compression services at speeds up to 48 Gbps for tape storage systems. Moreover, it is tightly integrated with one of the industry-leading, enterprise-class key management systems, the IBM Tivoli® Key Lifecycle Manager (TKLM), which can scale to support key life-cycle services across distributed environments.
Table of contents
Chapter 1. Introduction to SAN Encryption
Chapter 2. b-type family high-performance encryption for data-at-rest products
Chapter 3. Tivoli Key Lifecycle Manager interaction with IBM encryption switch
Chapter 4. Implementation and setup
Chapter 5. Deployment scenarios