Figure 1 D@RE architecture, embedded
Director
Host
IO
Module
IO
Module
RSA
eDPM Server
IO
Module
IO
Module
Director
SAN
Storage
Configuration
Management
RSA
eDPM Client
Unencrypted
data
Management
traffic
Encrypted
data
IP
Unique key per physical drive
Figure 2 D@RE architecture, external
Director
Host
IO
Module
IO
Module
IO
Module
IO
Module
Director
SAN
Storage
Configuration
Management
Unencrypted
data
Management
traffic
Encrypted
data
External
(KMIP)
Key Manager
IP
Unique key per physical drive
Key management
KMIP Client
MMCS
Key Trust Platform (KTP)
TLS-authenticated
KMIP traffic
External Key Managers
D@RE's external, enterprise-grade key management is provided by Gemalto SafeNet
KeySecure and IBM Security Key Lifecycle Manager. Keys are generated and
distributed using the best practices as defined by industry standards (NIST 800-57
and ISO 11770). With D@RE, there is no need to replicate keys across volume
VMAX3 with HYPERMAX OS
Data protection and integrity 41
To Next Page
Loading...
