bloombase transparent vmdk encryption solution for vmware esx, red hat kvm, citrix xenserver and...
DESCRIPTION
Bloombase data at-rest solution for virtual data centers VMware ESX, Red Hat KVM, Citrix XenServer, Oracle VirtualboxTRANSCRIPT
Bloombase Data At-Rest Security for Virtual Data Centers
Bloombase Technologies
Overview
Bloombase Data At-Rest Security
Traditional data center
storage encryption
Transparent encryption
and unencryption
Storage proxy
On-the-fly wire-speed
storage communications
payload cryptography
Virtual Data Center Encryption
Virtual data center
needs encryption as
much as for physical
Server and encryption
server as virtual
machines
Storage communications
hypervised
Bloombase Virtual Appliance
Bloombase Spitfire
StoreSafe can be
deployed as virtual
appliance on virtual data
center
Storage communications
hypervised
Virtual Appliance Hypervisor Support
VMware ESX/ESXi
Oracle VirtualBox
Citrix XenServer
Red Hat KVM
IBM PowerVM
Technology In Depth
Product Overview
Server and storage transparent
Automated encryption
Turnkey and immediate
regulatory compliance
Scale-up and scale-out
Cost-effective
High availability ready for
mission critical applications
Transparent Automated Encryption and Unencryption
Fully automated data
encryption and
unencryption for
authorized clients
On-premise: SAN, NAS,
DAS, Tape, VTL
Cloud: RESTful
Multiple Storage Protocol Support
Block storage based, file
based, object based
FCP, FCoE, iSCSI
NFS, CIFS
HTTP, WEBDAV
RESTful cloud
Client and User Authentication
User-based
authentication: LDAP,
MSAD, Kerberos,
CHAP
Host-based
authentication:
network address,
LUN mask
Industry Proven Security
Industry standard cipher
algorithm support
Regional and special
cipher support
IEEE 1619 compliant
OASIS KMIP support
NIST FIPS 140-2 validated
Key Management
Stored separately from
encrypted information
Key vault protected by
AES-256 strong
encryption
Supports 3rd party
PKCS#11 HSMs and
KMIP-compliant key
managers
Management
Web-based and CLI
management consoles
Role-based administration
Separation of duties (SoD)
Syslog and Audit trail
SNMP
Recovery quorum
Operator smart tokens
Use Cases
Tenant File Encryption
Virtual data center
tenants access
Bloombase encrypted
network file resources
over Ethernet
Tenant File Encryption
Bloombase Spitfire
StoreSafe provides file
encryption to tenants
as virtual appliance
Tenant Volume Encryption
Virtual data center
tenants access
Bloombase encrypted
iSCSI block-based
volumes over Ethernet
Tenant Volume Encryption
Bloombase Spitfire
StoreSafe provides block
based encryption to
tenants as virtual
appliance
Datastore File Encryption
Hypervisor direct attaches
Bloombase secured file servers
AS-IF virtual plain file resources
VMDKs on NFS storage remain
as normal files but encrypted
Datastore Volume Encryption
Hypervisor direct attaches
Bloombase secured volumes
AS-IF virtual plain volumes
Encryption on block-storage
level, objects stored in VMFS
are encrypted as a result
Questions? Comments?