HP StorageWorks 4000/6000/8000 .HP StorageWorks SAN Design Reference Guide, Pa - Page 405

Resource protection, Data protection, Access control, Confidentiality

Get HP StorageWorks 4000/6000/8000 - Enterprise Virtual Arrays PDF manuals and user guides View all HP StorageWorks 4000/6000/8000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 405 highlights

to reduce risk and improve business outcomes. HP provides solutions in information security, identity management, key management, and compliance to ensure your enterprise security. Secure Advantage builds on these existing security technologies to create manageable methods for you to leverage encryption and key management. This allows you to protect your resources and validate compliance with government and industry regulations. Security is an important aspect of the HP Adaptive Infrastructure, which provides the platform for the next-generation data center. Secure Advantage integrates with Adaptive Infrastructure enablers, such as IT systems and services, power and cooling, virtualization, and automation. The Secure Advantage portfolio considers three aspects to ensure storage security: • Resource protection • Data protection • Security validation Resource protection Resource protection is important to your security strategy. Using trusted platforms, you improve availability and provide protection for networks, software, and database management systems. Access control in a trusted and hardened infrastructure minimizes disruptions due to security breaches. Access control Access control prevents unauthorized use of network resources and unauthorized disclosure or modification of data (for example, preventing users from logging in to local workstations or limiting the use of dial-in modems). Access control is a set of controls: confidentiality, integrity, availability, and limiting access to network resources. These depend on the successful prevention of unauthorized access to services or information. Important elements of access control include: • Identification-Identifies an entity (user, process, or role associated with multiple users) • Authorization-Determines the access rights of an entity (with a level of assurance) • Authentication-Authenticates a user or process • Enforcement-Applies access-control decisions, which provides protection Data protection Data protection is important for all data states: at-rest, in-transit, and in-use. Use encryption and identity management in conjunction with other proactive techniques, such as security event management and information management. Data protection consists of the following: • Confidentiality • Data integrity • Data availability • Nonrepudiation Confidentiality Confidentiality prevents disclosure of all data, regardless of its state (at-rest, in-transit, or in-use). Confidentiality needs vary depending on the amount and type of data, transit and storage locations, and sensitivity of the end-user identity. Important elements of confidentiality include: SAN Design Reference Guide 405

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378
  • 379
  • 380
  • 381
  • 382
  • 383
  • 384
  • 385
  • 386
  • 387
  • 388
  • 389
  • 390
  • 391
  • 392
  • 393
  • 394
  • 395
  • 396
  • 397
  • 398
  • 399
  • 400
  • 401
  • 402
  • 403
  • 404
  • 405
  • 406
  • 407
  • 408
  • 409
  • 410
  • 411
  • 412
  • 413
  • 414
  • 415
  • 416
  • 417
  • 418
  • 419
  • 420
  • 421
  • 422
  • 423
  • 424
  • 425
  • 426
  • 427
  • 428
  • 429
  • 430
  • 431
  • 432
  • 433
  • 434
  • 435
  • 436
  • 437
  • 438
  • 439
  • 440
  • 441
  • 442
  • 443
  • 444
  • 445
  • 446
  • 447
  • 448
  • 449
  • 450
  • 451
  • 452
  • 453
  • 454
  • 455
  • 456
to reduce risk and improve business outcomes. HP provides solutions in information security, identity
management, key management, and compliance to ensure your enterprise security. Secure Advantage
builds on these existing security technologies to create manageable methods for you to leverage
encryption and key management. This allows you to protect your resources and validate compliance
with government and industry regulations.
Security is an important aspect of the HP Adaptive Infrastructure, which provides the platform for the
next-generation data center. Secure Advantage integrates with Adaptive Infrastructure enablers, such
as IT systems and services, power and cooling, virtualization, and automation.
The Secure Advantage portfolio considers three aspects to ensure storage security:
Resource protection
Data protection
Security validation
Resource protection
Resource protection is important to your security strategy. Using trusted platforms, you improve
availability and provide protection for networks, software, and database management systems. Access
control in a trusted and hardened infrastructure minimizes disruptions due to security breaches.
Access control
Access control prevents unauthorized use of network resources and unauthorized disclosure or
modification of data (for example, preventing users from logging in to local workstations or limiting
the use of dial-in modems). Access control is a set of controls: confidentiality, integrity, availability,
and limiting access to network resources. These depend on the successful prevention of unauthorized
access to services or information.
Important elements of access control include:
Identification
Identifies an entity (user, process, or role associated with multiple users)
Authorization
Determines the access rights of an entity (with a level of assurance)
Authentication
Authenticates a user or process
Enforcement
Applies access-control decisions, which provides protection
Data protection
Data protection is important for all data states: at-rest, in-transit, and in-use. Use encryption and identity
management in conjunction with other proactive techniques, such as security event management and
information management.
Data protection consists of the following:
Confidentiality
Data integrity
Data availability
Nonrepudiation
Confidentiality
Confidentiality prevents disclosure of all data, regardless of its state (at-rest, in-transit, or in-use).
Confidentiality needs vary depending on the amount and type of data, transit and storage locations,
and sensitivity of the end-user identity.
Important elements of confidentiality include:
SAN Design Reference Guide
405