Skip to main content

IBM Spectrum Virtualize, IBM FlashSystem, and IBM SAN Volume Controller Security Feature Checklist



Published on 16 March 2022

  1. .EPUB (0.1 MB)
  2. .PDF (0.3 MB)

Apple BooksGoogle Play Books

Share this page:   

ISBN-10: 0738460435
ISBN-13: 9780738460437
IBM Form #: REDP-5678-00

Authors: Bill Scales, Barry Whyte and James Whitaker

    menu icon


    IBM Spectrum® Virtualize based storage systems are secure storage platforms that implement various security-related features, in terms of system-level access controls and data-level security features.

    This document outlines the available security features and options of IBM Spectrum Virtualize based storage systems. It is not intended as a “how to” or best practice document. Instead, it is a checklist of features that can be reviewed by a user security team to aid in the definition of a policy to be followed when implementing IBM FlashSystem®, IBM SAN Volume Controller, and IBM Spectrum Virtualize for Public Cloud.

    The topics that are discussed in this paper can be broadly split into two categories:

    • System security

      This type of security encompasses the first three lines of defense that prevent unauthorized access to the system, protect the logical configuration of the storage system, and restrict what actions users can perform. It also ensures visibility and reporting of system level events that can be used by a Security Information and Event Management (SIEM) solution, such as IBM QRadar®.

    • Data security
    • This type of security encompasses the fourth line of defense. It protects the data that is stored on the system against theft, loss, or attack. These data security features include, but are not limited to, encryption of data at rest (EDAR) or IBM Safeguarded Copy (SGC).

    This document is correct as of IBM Spectrum Virtualize version 8.5.0.

    Table of Contents

    Executive summary

    System security capabilities

    Data security capabilities


    Others who read this also read