.Part 5 Storage Security Best Practices and Support Information HP SAN Design Reference Guide 785355-001
• Integration with HP Secure Key Manager, providing secure and automated key sharing between
multiple sites to ensure transparent access to encrypted data
• Industry-standard AES 256-bit encryption algorithms for disk arrays on a single security platform
for SAN environments
• Frame Redirection technology that enables easy, nonintrusive deployment of fabric-based
security services
• Plug-in encryption services available to all heterogeneous servers, including virtual machines,
in data center fabrics
• Scalable performance with on-demand encryption processing power to meet regulatory
mandates for protecting data
Hardware requirements
You can use either the Encryption SAN Switch or the Encryption FC Blade for data encryption as
part of the B-series Encryption Switch security platform.
Supported security components
B-series Encryption Switch security platform supports the following software components:
• Encryption
• Frame filtering
• Advanced Zoning
• WebTools
• Enhanced Group Management
The B-series Encryption Switch security platform supports the following optional software components:
• Encryption SAN Switch Power Pack+ Software Bundle (optional)
• Adaptive Networking
• Fabric Watch
• Advanced Performance Monitor
• Extended Fabrics
• ISL Trunking
• Integrated Routing
• Data Center Fabric Manager Enterprise
B-series Fabric OS security
This section describes the B-series Fabric OS security features for resource protection, data protection,
and security validation.
Resource protection
This section describes the B-series Fabric OS resource protection features.
User management
Fabric OS provides two options for authenticating users:
• Remote RADIUS services—Users are managed by a remote RADIUS server. All switches in the
fabric can be configured to authenticate against this centralized database.
• Local user database—Users are managed by a local database, which is synchronized manually
using the distribute command. This command pushes a copy of the switch's database to
all other Fabric OS 5.3.0 (or later) switches in the fabric.
378 Storage security