Data-at-rest Encryption for the IBM Spectrum Accelerate Family

A draft IBM Redpaper publication

Updated 01 February 2019

Authors: Bert Dufrasne, Roman Fridli, Andrew Greenfield

Abstract

Updated for FlashSystem A9000/R software version 12.3.

With the ever-growing landscape of national, state, and local regulations, industry requirements, and increased security threats, ensuring the protection of an organization's information is a key part of operating a successful business.

Encrypting data-at-rest is a key element when addressing these concerns. Most storage products offer encryption at an additional cost. The IBM® Spectrum Accelerate family, which includes IBM XIV® Storage System, IBM FlashSystem® A9000, IBM FlashSystem A9000R system(s), and IBM Spectrum™ Accelerate Software provides data-at-rest encryption at no charge. Clients can take advantage of encryption and still benefit from the lower total cost of ownership (TCO) that the IBM Spectrum Accelerate™ family offers.

For IBM FlashSystem A9000 and A9000R, clients now have a choice between an external key manager-based implementation or a local key based encryption implementation. The local key solution offers a simplified deployment of data-at-rest encryption. The external key manager can be the IBM Secutity Key Lifecycle Manager or the Gemalto SafeNet KeySecure.

This IBM Redpaper™ publication explains the architecture and design of the XIV and IBM FlashSystem A9000 and A9000R encryption solutions. Details are provided for configuring and implementing both solutions.

Table of contents

Chapter 1. Encryption overview
Chapter 2. Planning
Chapter 3. Implementing encryption on XIV
Chapter 4. Implementing encryption on IBM FlashSystem A9000 and A9000R
Chapter 5. Maintaining

These pages are Web versions of IBM Redbooks- and Redpapers-in-progress. They are published here for those who need the information now and may contain spelling, layout and grammatical errors. This material has not been submitted to any formal IBM test and is published AS IS. It has not been the subject of rigorous review. Your feedback is welcomed to improve the usefulness of the material to others.

Follow IBM Redbooks

Follow IBM Redbooks