HP StorageWorks 4000/6000/8000 .HP StorageWorks SAN Design Reference Guide, Pa - Page 407

HP storage security solutions, Assessing security risks, C-series Storage Media Encryption

Get HP StorageWorks 4000/6000/8000 - Enterprise Virtual Arrays PDF manuals and user guides View all HP StorageWorks 4000/6000/8000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 407 highlights

• Compliance validation-Proof of compliance is required by government and industry regulations. You must establish control points that ensure repeatable processes, assignment of responsibilities, and role separation. You must be able to prove that policies are being enforced for internal and external audits. Assessing security risks This section describes best practices for assessing and addressing security risks. Managing organizational risks Managing organizational risks involves the following actions: • Protecting IT resources • Protecting data in all states (at-rest, in-transit, or in-use) • Providing validation to internal and external auditors The HP Secure Advantage solution addresses these security issues using a suite of integrated products. Integration of encryption and key management technologies with identity management in a hardened infrastructure ensures that the correct data is delivered to the intended users. Secure Advantage provides the best layered end-to-end security approach with identity management at the network, system, service, and application layers. It ensures a robust and proactive security framework. Data security implementations Data security implementations are categorized as follows: • Storage network-Consists of switches, appliances, and cables. Switches and appliances come with support to protect themselves. The storage network components support key management, encryption services, and authentication of server and storage arrays. • Servers-Consists of hardware, operating systems, interface cards (NICs and HBAs), and applications (also known as hosts). Each component comes with support for protecting itself. The interfaces cards support authentication and secure tunnel. • Storage arrays-Consists of groups of disks or tapes that use a management application, which protects the resources through authentication. Storage arrays will support native encryption in the future. HP storage security solutions This section describes HP storage security solutions for the following products: • C-series Storage Media Encryption, page 407 • C-series SAN-OS security, page 408 • C-series IP SAN security, page 409 • B-series Encryption Switch and Encryption FC Blade security, page 410 • B-series Fabric OS security, page 411 • Key management, page 415 C-series Storage Media Encryption SME is a standards-based encryption solution for heterogeneous and virtual tape libraries. SME is managed with the Cisco Fabric Manager web client and a command-line interface, which supports unified SAN management and security provisioning. SME is a comprehensive network-integrated SAN Design Reference Guide 407

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378
  • 379
  • 380
  • 381
  • 382
  • 383
  • 384
  • 385
  • 386
  • 387
  • 388
  • 389
  • 390
  • 391
  • 392
  • 393
  • 394
  • 395
  • 396
  • 397
  • 398
  • 399
  • 400
  • 401
  • 402
  • 403
  • 404
  • 405
  • 406
  • 407
  • 408
  • 409
  • 410
  • 411
  • 412
  • 413
  • 414
  • 415
  • 416
  • 417
  • 418
  • 419
  • 420
  • 421
  • 422
  • 423
  • 424
  • 425
  • 426
  • 427
  • 428
  • 429
  • 430
  • 431
  • 432
  • 433
  • 434
  • 435
  • 436
  • 437
  • 438
  • 439
  • 440
  • 441
  • 442
  • 443
  • 444
  • 445
  • 446
  • 447
  • 448
  • 449
  • 450
  • 451
  • 452
  • 453
  • 454
  • 455
  • 456
Compliance validation
Proof of compliance is required by government and industry regulations.
You must establish control points that ensure repeatable processes, assignment of responsibilities,
and role separation. You must be able to prove that policies are being enforced for internal and
external audits.
Assessing security risks
This section describes best practices for assessing and addressing security risks.
Managing organizational risks
Managing organizational risks involves the following actions:
Protecting IT resources
Protecting data in all states (at-rest, in-transit, or in-use)
Providing validation to internal and external auditors
The HP Secure Advantage solution addresses these security issues using a suite of integrated products.
Integration of encryption and key management technologies with identity management in a hardened
infrastructure ensures that the correct data is delivered to the intended users. Secure Advantage
provides the best layered end-to-end security approach with identity management at the network,
system, service, and application layers. It ensures a robust and proactive security framework.
Data security implementations
Data security implementations are categorized as follows:
Storage network
Consists of switches, appliances, and cables. Switches and appliances come
with support to protect themselves. The storage network components support key management,
encryption services, and authentication of server and storage arrays.
Servers
Consists of hardware, operating systems, interface cards (NICs and HBAs), and applic-
ations (also known as hosts). Each component comes with support for protecting itself. The interfaces
cards support authentication and secure tunnel.
Storage arrays
Consists of groups of disks or tapes that use a management application, which
protects the resources through authentication. Storage arrays will support native encryption in the
future.
HP storage security solutions
This section describes HP storage security solutions for the following products:
C-series Storage Media Encryption
, page 407
C-series SAN-OS security
, page 408
C-series IP SAN security
, page 409
B-series Encryption Switch and Encryption FC Blade security
, page 410
B-series Fabric OS security
, page 411
Key management
, page 415
C-series Storage Media Encryption
SME is a standards-based encryption solution for heterogeneous and virtual tape libraries. SME is
managed with the Cisco Fabric Manager web client and a command-line interface, which supports
unified SAN management and security provisioning. SME is a comprehensive network-integrated
SAN Design Reference Guide
407