Implementing the IBM System Storage SAN32B-E4 Encryption Switch

An IBM Redbooks publication

Published 07 March 2011

cover image

ISBN-10: 0738435295
ISBN-13: 9780738435299
IBM Form #: SG24-7922-00
(156 pages)

More options

Rate and comment

Authors: Jon Tate, Uwe Dubberke, Michael Engelbrecht


This IBM® Redbooks® publication covers the IBM System Storage® SAN32B-E4 Encryption Switch, which is a high-performance stand-alone device designed to protect data-at-rest in mission-critical environments. In addition to helping IT organizations achieve compliance with regulatory mandates and meeting industry standards for data confidentiality, the SAN32B-E4 Encryption Switch also protects them against potential litigation and liability following a reported breach.

Data is one of the most highly valued resources in a competitive business environment. Protecting that data, controlling access to it, and verifying its authenticity while maintaining its availability are priorities in our security-conscious world. Increasing regulatory requirements also drive the need for adequate data security. Encryption is a powerful and widely used technology that helps protect data from loss and inadvertent or deliberate compromise.

In the context of data center fabric security, IBM provides advanced encryption services for Storage Area Networks (SANs) with the IBM System Storage SAN32B-E4 Encryption Switch. The switch is a high-speed, highly reliable hardware device that delivers fabric-based encryption services to protect data assets either selectively or on a comprehensive basis. The 8 Gbps SAN32B-E4 Fibre Channel Encryption Switch scales nondisruptively, providing from 48 up to 96 Gbps of encryption processing power to meet the needs of the most demanding environments with flexible, on-demand performance. It also provides compression services at speeds up to 48 Gbps for tape storage systems. Moreover, it is tightly integrated with one of the industry-leading, enterprise-class key management systems, the IBM Tivoli® Key Lifecycle Manager (TKLM), which can scale to support key life-cycle services across distributed environments.

Table of contents

Chapter 1. Introduction to SAN Encryption
Chapter 2. b-type family high-performance encryption for data-at-rest products
Chapter 3. Tivoli Key Lifecycle Manager interaction with IBM encryption switch
Chapter 4. Implementation and setup
Chapter 5. Deployment scenarios

Follow IBM Redbooks

Follow IBM Redbooks