Seagate 10K.3 Self-Encrypting Drives for Servers, NAS, and SAN Arrays - Page 13

Self-Encrypting Drives for Servers, NAS and SAN Arrays Performance at Full Drive Speed; Less Need for Data Classification The Self-Encrypting Drive has a dedicated engine for full interface speed encryption. Utilizing hardware-based encryption, the SED's encryption engine resides in the controller ASIC. Each drive port uses a dedicated encryption engine that matches the port's maximum speed. Simply put, encryption will not slow the system down. SED performance also scales linearly and automatically. As more drives are added, encryption bandwidth commensurately increases. Data center administrators needn't worry about balancing encryption workloads when adding more drives to an array or more arrays to the data center. Because data center administrators can encrypt all of the data they wish without performance degradation, there is far less need for data classification. As noted earlier, attempting to identify all instances of sensitive information is labor-intensive and time-consuming. Such data is also difficult to maintain and update, especially when it can be easily copied from a protected source to an unprotected destination. Reducing the need for data classification greatly simplifies the process of planning and managing encryption in the data center. Compression and De-Duplication Efficiencies Fully Maintained Storage system data compression and de-duplication present the opportunity to dramatically cut storage costs, but only when the data is not encrypted as storage systems are optimized for unencrypted data when performing data compression and de-duplication. With SEDs, the ability of the storage system to efficiently compress and de-duplicate data is fully maintained. Data Integrity's Protection Information Standard Fully Maintained SED enables the future of data integrity, PI (Protection Information, also known as Data Integrity Feature), which is a T-10 SCSI-based end-to-end data protection specification. The implementation of this SCSI protocol standard in SAS and Fibre Channel systems allows each element in the data's path to inspect the data and verify that no corruption has occurred. This is performed using a special appendix to the data, but it cannot be performed if the data passing through the element has been encrypted. Because SED performs encryption at the end of the data's path, (i.e., at the drive where the data is stored), SED is the only solution that supports Protection Information throughout the data path. And while facilitating this superior data integrity, SED does not impact the hard drive's reliability, availability or serviceability/warranty. Standardized Technology Lowers Costs The world's top six hard drive vendors (Fujitsu, Hitachi, Samsung, Seagate, Toshiba and Western Digital) collaborated to develop the final enterprise specification recently published by the Trusted Computing Group (TCG). This specification, created to be the standard for developing and managing Self-Encrypting Drives, enables SEDs from different vendors to be interoperable. Such interoperability helps ensure greater market competition and lower prices for solution builders and end-users alike. Eventually all drives shipping from all vendors will be Self-Encrypting Drives (half of these vendors are already shipping SEDs today). This promises an end to the risk of data breaches when hard drives leave their owner's control. 13