Features - Enterprise Data Insights:

NEOSCALE INTRODUCES SECURITY APPLIANCES FOR FC AND TAPE
by Robert Deane for the451.com

NeoScale Systems has recently announced the general availability of its enterprise storage security appliances, designed to protect information in both primary and secondary storage. It enters the market with NeoScale CryptoStor FC, for securing data access and privacy on enterprise storage systems, and NeoScale CryptoStor for Tape, for authenticating, encrypting and compressing data on tape libraries and virtual tape systems with backup compatibility and secure recovery.

Impact assessment

The message

The storage security market is poised to take off, and NeoScale hopes to ride the wave as it launches its CryptoStor FC and CryptoStor for Tape appliances for enterprise environments.

Competitive landscape

There is nothing like a new market to facilitate a little friendly bloodletting. NeoScale will have its hands full as Decru, Vormetric and Protegrity all stick their chests out to prove their superiority.

The451 assessment

Enterprises have finally come to the realization that the most enviable and valuable assets they possess is in the information embedded in their storage systems and on their networks. It will be interesting to see which storage security vendor can push the most attractive message out to end users and has the staying power to endure their fickleness.

Context

As the volume of critical business information residing in storage networks grows, enterprises have come to realize that they must protect digital assets that until recently had been kept in fairly isolated environments. NeoScale believes that by offering security appliances that specifically address data protection in both primary and secondary storage environments, it changes the way enterprises view security for data at rest and in flight.

NeoScale believes that storage is at the heart of all enterprises applications. Customer demand for storage capacity, consolidation, continuity and availability is driving more multifaceted storage models, such as remote backup, resource pooling and mirroring, disaster recovery, peer production and snapshots. As data is distributed on portable media and may be accessible or shared on different systems at different locations -- coupled with the requirements expressed by data privacy legislation and emerging network storage standards -- there exists evidence that traditional network security efforts are falling extremely short.

Products

NeoScale is making its grand entrance on the enterprise security scene with its CryptoStor for FC and CryptoStor for Tape appliances, betting the farm that the market for storage security products will explode as enterprises transition from a direct-attached to a networked storage model. These advanced storage processes are expected to reduce costs and provide competitive advantage for those companies willing to employ them. In addition, NeoScale's appliances answer the persistent problem among enterprises of costly data theft by both internal and external sources.

Currently, only minimal storage security capabilities exist within network applications, storage applications, storage systems and intelligent storage switches to protect stored data. A layered defense model (a.k.a. defense in depth) would include physical security, network security, application process control, zoning, LUN masking, network storage device entity authentication and the encryption of data at rest and in flight for primary and secondary storage. To this end, NeoScale's appliances are by no means a security solution on their own, but instead serve to complement an enterprise's existing network security architecture. The company plans to extend the reach of its products by strengthening its channel partner relationships and to grow its business exclusively through a budding network of resellers and system integrators.

CryptoStor FC employs an inline hardware platform that is optimized for gigabit throughput, with reported port-to-port latency of less than 100 microseconds. It was designed to manage multiple security policies without any substantial performance degradation and is professed to be invisible to the existing data path providing access control and data encryption. CryptoStor FC is built to be platform- and application-agnostic, with enough flexibility to conform to individual business requirements. It can be employed at the host, within the fiber channel fabric, in front of storage subsystems or behind storage gateways. Prices start at $35,000 for a CryptoStor FC appliance in a fiber channel configuration.

CryptoStor for Tape provides media protection with compression (for maximum utilization of media bandwidth), secure media recovery and cryptographic integrity regardless of tape location and age. Back-up policies can be either centrally or remotely managed to shield pooled, distributed, virtualized and vaulted tape applications. Ideally the appliance should sit in front of fiber channel or SCSI tape libraries. Prices start at $15,000 per CryptoStor for Tape appliance; it is delivered in either a SCSI or fiber channel configuration.

Competition

Storage security has often been touted as an extension of an enterprise's previously installed network security initiatives. NeoScale should therefore consider not only its direct competitors (such as Decru and Vormetric), but also security players such as Protegrity that offer alternative measures for securing data.

Decru is one of those vendors that the competition loves to hate. It has been quite successful in acquiring new customers and has a bank account that should keep it in the storage security game for a long time to come. Decru has indicated that unlike its competition, it has not been held back by typical barriers to entry into the storage security market such as a lack of proficiency in both security and storage, credibility or appliance-building expertise. Decru began shipping its Decru DataFort E440 and DataFort FC440 in October 2002; each product is administered through a Web interface and has additional software to support clustering and failover. NeoScale had better hit the ground running if it is to claim its piece of the pie before the opportunity is narrowed by those vendors that were first to market.

Vormetric is positioning its security appliance as unique in that it combines host protection, data encryption and access control to protect the network core. While these contentions sound enticing by themselves, they are unfortunately the same marketing messages voiced by its competitors. The true value of Vormetric's expected product is its ability to protect data by protecting it under management.

Unlike NeoScale's other competitors, Protegrity takes a very granular approach to securing data. Its Secure Data builds a protective layer of encryption around individual data items or objects. The product allows administrators to define which data stored in databases are sensitive and which individuals or groups have the authority to access the information. The selectivity of Protegrity's data item protection technique prevents attackers from gaining access to enterprise data and also help avoid delays or burdens on the system that can result in bulk encryption methods. These attributes will undoubtedly be attractive to enterprises with limited storage facilities and network latency issues.

Funding

NeoScale has thus far raised $13.5m in a Series A funding round, led by Bay Partners and Lightspeed Ventures. In addition, the blossoming security company expects to close another round in the second quarter.

Courtesy www.the451.com