Ged i ltd storage security
This presentation is the property of its rightful owner.
Sponsored Links
1 / 33

GED- i Ltd Storage Security PowerPoint PPT Presentation


  • 87 Views
  • Uploaded on
  • Presentation posted in: General

GED- i Ltd Storage Security. Securing Data Residing on Storage devices and Data Transferred over IP Networks. www.ged-i.com +972 9 8651054 [email protected] Why Encryption is needed ?. Cost of Data Theft. Regulations. Security Incidents. Where Encryption is needed ?.

Download Presentation

GED- i Ltd Storage Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Ged i ltd storage security

GED-i LtdStorage Security

  • Securing Data Residing on Storage devices and Data Transferred over IP Networks

www.ged-i.com +972 9 8651054 [email protected]

GED-I Proprietary


Ged i ltd storage security

Why Encryption is needed ?

  • Cost of Data Theft

  • Regulations

  • Security Incidents

GED-I Proprietary


Ged i ltd storage security

Where Encryption is needed ?

  • ISP Site

  • Enterprise Data Center

  • Remote Hosting

  • DRP Site

  • Health Institutions

  • Financial Institutions

  • Bank

  • Research Center

  • University

  • Government

  • Defense

  • Merchants

  • Payments Processors

GED-I Proprietary


Ged i products offering data encryption

GED-i Products offeringData Encryption

Superior - HA

Best Security

Superior - FC

Superior - i

AIO - HA

GDDS

AIO - FC

AIO - i

Entry level Security

GPDS

Enterprise

Enterprise infrastructure

Department

Personal

GED-I Proprietary


Ged i products offering network encryption

GED-i Products offeringNetwork Encryption

G4Crypt 1000

Fast

G4Crypt 300

G4Crypt 100

Slow

Enterprise

Enterprise infrastructure

Department

GED-I Proprietary


Data security layers

Network Security

FW, VPN, IDS/IPS

Network

Device: PC,Laptop,PDA

Access control

Biometrics, Smart Card..

Application

Application Security

PIN, DRM

Invasion through network

Data

Encryption

Data Security Layers

GED-I Proprietary


Ged i ltd storage security1

GED-i LtdStorage Security

  • Encryption of

  • STORAGE DEVICES

  • (SAN)

GED-I Proprietary


Ged i high availability solution

GED-i High Availability Solution

Clients

AES 256

FC / iSCSI

GSA 2000 EE (Encryption Engine)

Server

GKS 2000 (Key Server)

Ethernet

GEM 2000

(Element Manager)

ABCD

#W~Z

GSA 2000 EE (Encryption Engine)

Clients

Storage

GED-I Proprietary


Ged i high availability solution1

GED-i High Availability Solution

Clients

+ Scrambling + Interference

AES 256

Port 1

GSA 2000 EE (Encryption Engine)

Port 2

Ethernet

Server

GKS 2000 (Key Server)

GEM 2000

(Element Manager)

Ethernet

Port 3

Port 4

FC / iSCSI

GSA 2000 EE (Encryption Engine)

Storage

Clients

GED-I Proprietary


Ged i high availability solution2

GED-i High Availability Solution

Clients

GSA 2000 EE

Encryption Engine

GKS 2000

Key Server

Server

GSA 2000 EE

Encryption Engine

GEM 2000

Element Manager

GSA 2000 EE

Encryption Engine

Storage

Clients

GED-I Proprietary


Ged i ltd storage security

Data Protection against….

  • Direct Data Copy

  • Digital Way

  • Direct Data Copy

  • Remote Data Copy

  • Physical way

  • Take and Go

  • Take, Copy and Return

  • Remote Data Copy

Service level

  • Take and Go

  • Take, Copy and Return

Storage

GED-I Proprietary


Ged i data leak prevention

GED-i Data Leak Prevention

Use of Personal Encryption Key

Clients

Hiding Storage Data while using GED-i’s Encryption KEY solution

Typical Link of End Users to Storage Device

upon Encryption Key insertion Data becomes available to key holders group only

upon Encryption Key removal Storage data becomes UNAVAILABLE again

TOTAL Storage Data Encryption while using GED-I’s solution

SELECTED Storage data is available to key holders only

Storage data is Encrypted and NOT available

Storage data is Encrypted and Available to End Users

Server

ABCD

?&#@

GKS 2000

Key Server

Storage

to continue press Space Bar

GED-I Proprietary


Ged i high availability solution3

GED-i High Availability Solution

Clients

GSA 2000 EE

Encryption Engine

DRP

GKS 2000

Key Server

Server

GSA 2000 EE

Encryption Engine

GEM 2000

Element Manager

GSA 2000 EE

Encryption Engine

Storage

Clients

GED-I Proprietary


Ged i high availability solution4

GED-i High Availability Solution

Clients

DRP Site

GSA 2000 EE

Encryption Engine

GKS 2000

Key Server

Server

GEM 2000

Element Manager

GSA 2000 EE

Encryption Engine

Storage

Clients

GED-I Proprietary


Ged i in cloud computing

GED-i in Cloud Computing

User Site

Cloud Services at remote site

Clients

Server

GSA 2000 EE

Encryption Engine

GKS 2000

Key Server

GEM 2000

Element Manager

Storage

GED-I Proprietary


Ged i product line

GED-I Product Line

  • Superior Security

  • GSA 2000 - EE

  • GKS 2000

  • GEM 2000

  • High Security level Solution

  • External Key Server for multiple GSA 2000 - EE

  • Automatic High availability

  • All In One Security

  • GSA 2000 – AIO

  • GEM 2000

  • Solution in single appliance

  • Internal Key management

GED-I Proprietary


Ged i product line1

GED-I Product Line

  • Superior Security

  • GSA 2000 - EE

  • GKS 2000

  • GEM 2000

  • Best Security Solution

  • Encryption engine

  • External Key Server

  • Automatic setup for High Availability

  • AES 256

  • Optional : Segmentation & Scrambling

  • GSA 2000 - EE

    Server

    GEM 2000

    GKS 2000

    Storage

    GED-I Proprietary


    Gsa 2000 for san configuration

    GSA 2000For SAN Configuration

    • Specification Highlights

      • Storage Security Appliance

      • Connection In-line

      • iSCSI interface

      • Fiber Channel interface

      • At least 2 ports of 1Gb

      • Wire speed

    • External & Remote Key Server

    • Invisible to user

    • Invisible to storage application

    • Invisible to storage device

    GED-I Proprietary


    Gsa 2000 for san configuration1

    GSA 2000For SAN Configuration

    • Key Technology

    • Incorporates the algebraic AES, Segmentation and scrambling key

    • Ensuring an unmatched security level

    • Key Management

    • Physical Gap between the security appliance and the encryption engine

    • Encryption keys are remotely stored on the key Server

    • Key Server can be local or remotely deployed

    • Keys are transferred to the security appliance only as needed

    GED-I Proprietary


    Gsa 2000 for san configuration2

    GSA 2000For SAN Configuration

    • Easy Deployment

      • Plug and Play technology

      • Appliance with no IP address

      • No S/W installation onclient, server or storage

      • Self Learning

      • Easy and fast disaster recovery

    GED-I Proprietary


    Ged i ltd storage security2

    GED-i LtdStorage Security

    • Network Encryption

    • Encrypting Data transmitted between IT islands

    GED-I Proprietary


    Ged i ltd storage security

    • Network Encryption

    • Encrypting Data transmitted between IT islands

    ABCD

    %&^#

    Encrypted IP Network

    IPsec AES 256

    ABCD

    Public Network


    Ged i ltd storage security

    Total Solution by GED-i


    Ged i ltd storage security

    Total Solution by GED-i


    Ged i ltd storage security

    Total Solution by GED-i


    Ged i ltd storage security

    The G4Crypt is an encryption appliance available as desktop or 19” rack mountable device, providing encryption at rates of 100Mbs, 300Mbs and near 1Gbs.

    G4Crypt Models

    • An encryption appliance

    • Desktop or 19” Rack mountable device

    • Encryption at rates of 100Mbs, 300Mbs and near 1Gbs.


    Ged i ltd storage security

    G4Crypt Models

    Technical Specification

    AES – FIPS 197 (256) CBC

    X.509 v3 digital certificates

    Pre-shared secrets

    HMAC-SHA-1-96

    Encapsulating Security Payload (ESP) Tunnel mode

    Encapsulating Security Payload (ESP) Transport mode

    Ethernet Encapsulated Security Payload

    Ethernet link

    IPv4

    Easy Deployment

    Plug and Play technology

    No S/W installation

    Specification Highlights

    Ethernet Link

    IPsec - Layer 3 IP packet encryption

    AES 256 encryption

    G4Crypt100 for 100Mbs

    G4Crypt 300 for 300Mbs

    G4Crypt 1000 for near 1Gbs

    Point to Point link

    Multi Point to Point links

    Transparent bridge

    Appliance Technology

    At least 3 Ethernet ports

    Up to 1Gbs Ethernet port

    Desktop version

    19” rack version

    Management

    Simple to use

    Reports and logging 


    Ged i ltd storage security3

    GED-i LtdStorage Security

    • Securing Data Residing on Storage devices and Data Transferred over IP Networks

    www.ged-i.com +972 9 8651054 [email protected]

    GED-I Proprietary


    Ged i ltd storage security4

    GED-i LtdStorage Security

    • Personal/Departmental Data Safe

    • Encrypting Data Resides on Departmental servers

    GED-I Proprietary


    Ged i ltd storage security

    Single groups

    Shared 5:1 Configuration

    Group 1

    Existing Computers with non-encrypted data

    Private Or Joint Encryption key, required to decrypt the encrypted disk. Removed to prevent access to data

    B

    C

    D

    A

    E

    Dedicated for GED-I’s encryption station

    GDDS 2000

    K(A)=K(B)=K(C)=K(D)=K(E)

    Ethernet-LAN

    A+B+…+E

    “Local Disk” withEncrypted data

    Shared data in shared disk Volume

    Local Disk

    Non-Encrypted data


    Ged i ltd storage security

    GED-I’s solution for

    Personal Data Safe – GPDS 2000

    1:1 Configuration

    Read with Keys

    Read with No Keys

    Removed to prevent access to data

    Read with no Key

    ABCDE

    &$#{}[

    “}#%>?+[\

    Ethernet-LAN

    GPDS 2000

    Data Safe

    Personal Computer


    Ged i ltd storage security

    Two Independent Groups

    Shared 5:1 Configuration

    Group 1

    Existing Computers with non-encrypted data

    Group 2

    Existing Computers with non-encrypted data

    Disk-on key with thousands of keys required to decrypt the encrypted disk. Removed to prevent access to data

    USB port

    K(Z)

    GPDS 2000

    K(A)

    A

    V

    W

    Z

    V+W+…+Z

    K(Z)=K(Y)=K(X)=K(w)=K(V)

    K(W)

    K(B)

    Ethernet-LAN

    B

    A+B+…+E

    K(A)=K(B)=K(C)=K(D)=K(E)

    K(V)

    K(E)

    E

    “Local Disk”

    Encrypted data

    Shared data in shared disk Volume

    Local Disk

    Non-Encrypted data


  • Login