1 / 33

GED- i Ltd Storage Security

GED- i Ltd Storage Security. Securing Data Residing on Storage devices and Data Transferred over IP Networks. www.ged-i.com +972 9 8651054 dsaar@ged-i.com. Why Encryption is needed ?. Cost of Data Theft. Regulations. Security Incidents. Where Encryption is needed ?.

favian
Download Presentation

GED- i Ltd Storage Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GED-i LtdStorage Security • Securing Data Residing on Storage devices and Data Transferred over IP Networks www.ged-i.com +972 9 8651054 dsaar@ged-i.com GED-I Proprietary

  2. Why Encryption is needed ? • Cost of Data Theft • Regulations • Security Incidents GED-I Proprietary

  3. Where Encryption is needed ? • ISP Site • Enterprise Data Center • Remote Hosting • DRP Site • Health Institutions • Financial Institutions • Bank • Research Center • University • Government • Defense • Merchants • Payments Processors GED-I Proprietary

  4. GED-i Products offeringData Encryption Superior - HA Best Security Superior - FC Superior - i AIO - HA GDDS AIO - FC AIO - i Entry level Security GPDS Enterprise Enterprise infrastructure Department Personal GED-I Proprietary

  5. GED-i Products offeringNetwork Encryption G4Crypt 1000 Fast G4Crypt 300 G4Crypt 100 Slow Enterprise Enterprise infrastructure Department GED-I Proprietary

  6. Network Security FW, VPN, IDS/IPS Network Device: PC,Laptop,PDA Access control Biometrics, Smart Card.. Application Application Security PIN, DRM Invasion through network Data Encryption Data Security Layers GED-I Proprietary

  7. GED-i LtdStorage Security • Encryption of • STORAGE DEVICES • (SAN) GED-I Proprietary

  8. GED-i High Availability Solution Clients AES 256 FC / iSCSI GSA 2000 EE (Encryption Engine) Server GKS 2000 (Key Server) Ethernet GEM 2000 (Element Manager) ABCD #W~Z GSA 2000 EE (Encryption Engine) Clients Storage GED-I Proprietary

  9. GED-i High Availability Solution Clients + Scrambling + Interference AES 256 Port 1 GSA 2000 EE (Encryption Engine) Port 2 Ethernet Server GKS 2000 (Key Server) GEM 2000 (Element Manager) Ethernet Port 3 Port 4 FC / iSCSI GSA 2000 EE (Encryption Engine) Storage Clients GED-I Proprietary

  10. GED-i High Availability Solution Clients GSA 2000 EE Encryption Engine GKS 2000 Key Server Server GSA 2000 EE Encryption Engine GEM 2000 Element Manager GSA 2000 EE Encryption Engine Storage Clients GED-I Proprietary

  11. Data Protection against…. • Direct Data Copy • Digital Way • Direct Data Copy • Remote Data Copy • Physical way • Take and Go • Take, Copy and Return • Remote Data Copy Service level • Take and Go • Take, Copy and Return Storage GED-I Proprietary

  12. GED-i Data Leak Prevention Use of Personal Encryption Key Clients Hiding Storage Data while using GED-i’s Encryption KEY solution Typical Link of End Users to Storage Device upon Encryption Key insertion Data becomes available to key holders group only upon Encryption Key removal Storage data becomes UNAVAILABLE again TOTAL Storage Data Encryption while using GED-I’s solution SELECTED Storage data is available to key holders only Storage data is Encrypted and NOT available Storage data is Encrypted and Available to End Users Server ABCD ?&#@ GKS 2000 Key Server Storage to continue press Space Bar GED-I Proprietary

  13. GED-i High Availability Solution Clients GSA 2000 EE Encryption Engine DRP GKS 2000 Key Server Server GSA 2000 EE Encryption Engine GEM 2000 Element Manager GSA 2000 EE Encryption Engine Storage Clients GED-I Proprietary

  14. GED-i High Availability Solution Clients DRP Site GSA 2000 EE Encryption Engine GKS 2000 Key Server Server GEM 2000 Element Manager GSA 2000 EE Encryption Engine Storage Clients GED-I Proprietary

  15. GED-i in Cloud Computing User Site Cloud Services at remote site Clients Server GSA 2000 EE Encryption Engine GKS 2000 Key Server GEM 2000 Element Manager Storage GED-I Proprietary

  16. GED-I Product Line • Superior Security • GSA 2000 - EE • GKS 2000 • GEM 2000 • High Security level Solution • External Key Server for multiple GSA 2000 - EE • Automatic High availability • All In One Security • GSA 2000 – AIO • GEM 2000 • Solution in single appliance • Internal Key management GED-I Proprietary

  17. GED-I Product Line • Superior Security • GSA 2000 - EE • GKS 2000 • GEM 2000 • Best Security Solution • Encryption engine • External Key Server • Automatic setup for High Availability • AES 256 • Optional : Segmentation & Scrambling GSA 2000 - EE Server GEM 2000 GKS 2000 Storage GED-I Proprietary

  18. GSA 2000For SAN Configuration • Specification Highlights • Storage Security Appliance • Connection In-line • iSCSI interface • Fiber Channel interface • At least 2 ports of 1Gb • Wire speed • External & Remote Key Server • Invisible to user • Invisible to storage application • Invisible to storage device GED-I Proprietary

  19. GSA 2000For SAN Configuration • Key Technology • Incorporates the algebraic AES, Segmentation and scrambling key • Ensuring an unmatched security level • Key Management • Physical Gap between the security appliance and the encryption engine • Encryption keys are remotely stored on the key Server • Key Server can be local or remotely deployed • Keys are transferred to the security appliance only as needed GED-I Proprietary

  20. GSA 2000For SAN Configuration • Easy Deployment • Plug and Play technology • Appliance with no IP address • No S/W installation onclient, server or storage • Self Learning • Easy and fast disaster recovery GED-I Proprietary

  21. GED-i LtdStorage Security • Network Encryption • Encrypting Data transmitted between IT islands GED-I Proprietary

  22. Network Encryption • Encrypting Data transmitted between IT islands ABCD %&^# Encrypted IP Network IPsec AES 256 ABCD Public Network

  23. Total Solution by GED-i

  24. Total Solution by GED-i

  25. Total Solution by GED-i

  26. The G4Crypt is an encryption appliance available as desktop or 19” rack mountable device, providing encryption at rates of 100Mbs, 300Mbs and near 1Gbs. G4Crypt Models • An encryption appliance • Desktop or 19” Rack mountable device • Encryption at rates of 100Mbs, 300Mbs and near 1Gbs.

  27. G4Crypt Models Technical Specification AES – FIPS 197 (256) CBC X.509 v3 digital certificates Pre-shared secrets HMAC-SHA-1-96 Encapsulating Security Payload (ESP) Tunnel mode Encapsulating Security Payload (ESP) Transport mode Ethernet Encapsulated Security Payload Ethernet link IPv4 Easy Deployment Plug and Play technology No S/W installation Specification Highlights Ethernet Link IPsec - Layer 3 IP packet encryption AES 256 encryption G4Crypt100 for 100Mbs G4Crypt 300 for 300Mbs G4Crypt 1000 for near 1Gbs Point to Point link Multi Point to Point links Transparent bridge Appliance Technology At least 3 Ethernet ports Up to 1Gbs Ethernet port Desktop version 19” rack version Management Simple to use Reports and logging 

  28. GED-i LtdStorage Security • Securing Data Residing on Storage devices and Data Transferred over IP Networks www.ged-i.com +972 9 8651054 dsaar@ged-i.com GED-I Proprietary

  29. GED-i LtdStorage Security • Personal/Departmental Data Safe • Encrypting Data Resides on Departmental servers GED-I Proprietary

  30. Single groups Shared 5:1 Configuration Group 1 Existing Computers with non-encrypted data Private Or Joint Encryption key, required to decrypt the encrypted disk. Removed to prevent access to data B C D A E Dedicated for GED-I’s encryption station GDDS 2000 K(A)=K(B)=K(C)=K(D)=K(E) Ethernet-LAN A+B+…+E “Local Disk” withEncrypted data Shared data in shared disk Volume Local Disk Non-Encrypted data

  31. GED-I’s solution for Personal Data Safe – GPDS 2000 1:1 Configuration Read with Keys Read with No Keys Removed to prevent access to data Read with no Key ABCDE &$#{}[ “}#%>?+[\ Ethernet-LAN GPDS 2000 Data Safe Personal Computer

  32. Two Independent Groups Shared 5:1 Configuration Group 1 Existing Computers with non-encrypted data Group 2 Existing Computers with non-encrypted data Disk-on key with thousands of keys required to decrypt the encrypted disk. Removed to prevent access to data USB port K(Z) GPDS 2000 K(A) A V W Z V+W+…+Z K(Z)=K(Y)=K(X)=K(w)=K(V) K(W) K(B) Ethernet-LAN B A+B+…+E K(A)=K(B)=K(C)=K(D)=K(E) K(V) K(E) E “Local Disk” Encrypted data Shared data in shared disk Volume Local Disk Non-Encrypted data

More Related