12.07.2015 Views

SECURING FIBRE CHANNEL FABRICS - Brocade

SECURING FIBRE CHANNEL FABRICS - Brocade

SECURING FIBRE CHANNEL FABRICS - Brocade

SHOW MORE
SHOW LESS
  • No tags were found...

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

Chapter SummarySite ACiphertextSite B<strong>Brocade</strong>EncryptionSwitchServersTape libraryFigure 11. Encrypting data over dark fiber with data-at-rest encryptionChapter Summary<strong>Brocade</strong> provides encryption solutions for both data-at-rest and datain-flight.The <strong>Brocade</strong> Encryption Switch and the <strong>Brocade</strong> FS8-18Encryption Blade for the <strong>Brocade</strong> DCX backbone family can be usedfor both disk and tape media to encrypt data-at-rest. The <strong>Brocade</strong>encryption switch is a standard 8 Gbps Layer 2 FC platform and, whenused in encryption mode, provides robust encryption (and compression)in combination with third-party key management. The addition ofa Smart Card reader for an ignition key provides additional security.<strong>Brocade</strong> offers data encryption for data-in-flight in the <strong>Brocade</strong> 7800Extension Switch and <strong>Brocade</strong> FX8-24 Extension Blade, both of whichsupport IPSec for encryption of data transported over an FCIP tunnel.The <strong>Brocade</strong> data-at-rest encryption solution, described in detail inthis chapter, can be used to encrypt data-in-flight. The encryptiondevice in the primary data center encrypts the frame payload beforesending it over the dark fiber connection.The latest <strong>Brocade</strong> 16 Gbps FC technology, based on the Condor-3ASIC, also offers the capability to encrypt data-in-flight for up to twoISLs.Securing Fibre Channel Fabrics 197

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!