HP StorageWorks 4000/6000/8000 .HP StorageWorks SAN Design Reference Guide, Pa - Page 405
Resource protection, Data protection, Access control, Confidentiality
View all HP StorageWorks 4000/6000/8000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 405 highlights
to reduce risk and improve business outcomes. HP provides solutions in information security, identity management, key management, and compliance to ensure your enterprise security. Secure Advantage builds on these existing security technologies to create manageable methods for you to leverage encryption and key management. This allows you to protect your resources and validate compliance with government and industry regulations. Security is an important aspect of the HP Adaptive Infrastructure, which provides the platform for the next-generation data center. Secure Advantage integrates with Adaptive Infrastructure enablers, such as IT systems and services, power and cooling, virtualization, and automation. The Secure Advantage portfolio considers three aspects to ensure storage security: • Resource protection • Data protection • Security validation Resource protection Resource protection is important to your security strategy. Using trusted platforms, you improve availability and provide protection for networks, software, and database management systems. Access control in a trusted and hardened infrastructure minimizes disruptions due to security breaches. Access control Access control prevents unauthorized use of network resources and unauthorized disclosure or modification of data (for example, preventing users from logging in to local workstations or limiting the use of dial-in modems). Access control is a set of controls: confidentiality, integrity, availability, and limiting access to network resources. These depend on the successful prevention of unauthorized access to services or information. Important elements of access control include: • Identification-Identifies an entity (user, process, or role associated with multiple users) • Authorization-Determines the access rights of an entity (with a level of assurance) • Authentication-Authenticates a user or process • Enforcement-Applies access-control decisions, which provides protection Data protection Data protection is important for all data states: at-rest, in-transit, and in-use. Use encryption and identity management in conjunction with other proactive techniques, such as security event management and information management. Data protection consists of the following: • Confidentiality • Data integrity • Data availability • Nonrepudiation Confidentiality Confidentiality prevents disclosure of all data, regardless of its state (at-rest, in-transit, or in-use). Confidentiality needs vary depending on the amount and type of data, transit and storage locations, and sensitivity of the end-user identity. Important elements of confidentiality include: SAN Design Reference Guide 405