News Stay informed about the latest enterprise technology news and product updates.

Sepaton adds data-at-rest encryption for enterprise disk backup

Sepaton upgrades its flagship VTL, the S2100-ES3 2925, giving it data-at-rest encryption capability and support for open key management standard.

Sepaton this week upgraded its flagship enterprise virtual tape library, adding encryption for data at rest and increasing speed with new processing nodes.

The S2100-ES3 series 2925 library replaces the 2922 model as the high-end system of Sepaton's 2100-ES3 enterprise disk backup line. Sepaton also upgraded its software to version 7.0.

Along with adding data-at-rest encryption, Sepaton increased performance by upgrading its processing nodes to the latest Hewlett-Packard ProLiant server, the DL380p Gen8 with Intel Xeon E5-2690 eight-core dual-CPUs running at 2.90 GHz and 128 GB of RAM memory. The nodes include four 8 Gbps Fibre Channel (FC) connections to servers with two 8 Gbps FC connections to storage, plus two 10 Gb Ethernet and four Gigabit Ethernet connections. The appliance is Sepaton's first to support 8 Gbps FC.

Sepaton claims the new hardware provides an 80 TB per hour ingestion rate, an improvement from 43.2 TB per hour on the 2922. A system supports from two to eight compute nodes, and the maximum capacity remains 2.02 PB of usable storage before data deduplication.

Sepaton is doing AES 256-bit encryption in hardware, using Exar DX 1845 cards that also offload its deduplication processing. Encrypting in hardware rather than software has no impact on performance. Sepaton supports the Key Management Interoperability Protocol (KMIP) open standard. The S2100-ES3 is also qualified with RSA Data Protection Manager (DPM) and Thales e-Security keyAuthority 4.0 encryption appliances.

Encryption prevents data on disk from being read without the keys. Florin Dejeu, Sepaton's director of product management, said the vendor plans to support other key management appliances. He said it was important to support KMIP to ensure wide industry support. Sepaton never stores encryption keys on disk, he said.

"Customers said they wanted encryption of data at rest with no performance penalty, and it had to integrate with enterprise key managers," he said. "Customers had key managers they were already using. They're trying to avoid key manager vendor lock-in with another rollout of a key management product. It prompted us to go the way of KMIP."

Jason Buffington, senior analyst for Milford, Mass.-based Enterprise Strategy Group, said it was important for Sepaton to do its data-at-rest encryption without performance impact because of the volume of data the appliances protect.

"Sepaton's approach to encrypt data at rest does it without hindering performance of their compute," he said. "Sepaton aims at the biggest, fastest and largest type of enterprise environment. If they add something and it sacrifices I/O, they lose ground."

Sepaton, which competes mainly with the largest appliances from EMC Data Domain, IBM ProtecTIER and HP StoreOnce, claims more than 3,000 customer systems in production.

List price for the S2100-ES3 Series 2925 starts at $355,000, and encryption licenses start at $15,000 per node.

Dig Deeper on Backup for virtual servers

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.