Part 5 Storage Security Best Practices and Support Information HP SAN Design Reference Guide 785355-001

Advanced Encryption Standard
AES is a symmetric block cipher that encrypts data in 128-bit
blocks. AES can use a key size of 128, 192, or 256 bits. The number of rounds varies by the key
length (for example, 10, 12, or 14 rounds for key sizes 128, 192, or 256, respectively). The
processing in each round is more efficient than DES and is better suited to high-speed parallel
operations. A subkey step using an XOR operation, followed by a MixColumns step, occurs before
the rounds are performed.
AES has modes equivalent to the ECB and CBC modes for DES. AES also has a counter mode in
which a sequence number uses an exclusive-OR (XOR) operation with the plaintext before processing;
the sequence number is incremented for use with the next block.
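The key sizes and modes described above, as an added Go example that is not part of the HP guide: it uses the standard library's crypto/aes to show that identical plaintext blocks repeat under ECB but not under counter mode, where (as in NIST SP 800-38A) each counter value is encrypted, XORed with the data, and incremented for the next block. The key, counter and plaintext are constructed demo values, and the function names ctr and compare are this example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// ctr encrypts the counter block, XORs the result into the data, then
// increments the counter (big-endian, with carry) for the next block.
func ctr(b cipher.Block, iv, pt []byte) []byte {
	c, ks, out := append([]byte(nil), iv...), make([]byte, aes.BlockSize), make([]byte, len(pt))
	for i := 0; i < len(pt); i += aes.BlockSize {
		b.Encrypt(ks, c)
		for j := 0; j < aes.BlockSize && i+j < len(pt); j++ {
			out[i+j] = pt[i+j] ^ ks[j]
		}
		for k := aes.BlockSize - 1; k >= 0; k-- {
			if c[k]++; c[k] != 0 {
				break
			}
		}
	}
	return out
}

// compare reports, for a constructed key of keyLen bytes, whether two identical plaintext
// blocks repeat under ECB, repeat under CTR, and whether ctr agrees with cipher.NewCTR.
func compare(keyLen int) (ecbRepeats, ctrRepeats, matchesLib bool, err error) {
	b, err := aes.NewCipher(bytes.Repeat([]byte{0x42}, keyLen)) // demo key only
	if err != nil {
		return false, false, false, err // key is not 16, 24 or 32 bytes
	}
	iv := append(make([]byte, 14), 0xff, 0xff) // constructed counter; forces a carry
	pt := append(bytes.Repeat([]byte("SAME 16B RECORD!"), 2), "tail"...)
	e := make([]byte, 32)
	b.Encrypt(e[:16], pt[:16]) // ECB: each block is encrypted independently
	b.Encrypt(e[16:], pt[16:32])
	c, lib := ctr(b, iv, pt), make([]byte, len(pt))
	cipher.NewCTR(b, iv).XORKeyStream(lib, pt)
	return bytes.Equal(e[:16], e[16:]), bytes.Equal(c[:16], c[16:32]), bytes.Equal(c, lib), nil
}

func main() {
	for _, n := range []int{16, 24, 32, 20} { // 20 is not a valid AES key length
		e, c, m, err := compare(n)
		fmt.Println(n, e, c, m, err)
	}
}
```

A counter value must never be reused with the same key, because two messages encrypted with the same keystream can be XORed together to cancel it.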
Key management
Successful key management is the most important yet most difficult aspect of a cryptographic system
because it often requires coordination between departments and users, and the establishment and
enforcement of strict system policies. You must ensure the generation, storage, exchange, verification,
replacement, and destruction of keys.
Organizational security policies
Organizational security policies are high-level statements that define the data protection
requirements, which are driven by business needs. Auditing and reporting policies are added to
the security policies, and the business policies are then mapped to the security policies.
HP security strategy
This section describes the HP Secure Advantage, the HP security strategy.
HP Secure Advantage
HP Secure Advantage allows you to combine HP security products. The Secure Advantage portfolio
ensures secure automation, optimization, and acceleration of your infrastructure with proper
validation to reduce risk and improve business outcomes. HP provides solutions in information
security, identity management, key management, and compliance to ensure your enterprise security.
Secure Advantage builds on these existing security technologies to create manageable methods
for you to leverage encryption and key management. This allows you to protect your resources
and validate compliance with government and industry regulations.
Security is an important aspect of the HP Adaptive Infrastructure, which provides the platform for
the next-generation data center. Secure Advantage integrates with Adaptive Infrastructure enablers,
such as IT systems and services, power and cooling, virtualization, and automation.
The Secure Advantage portfolio considers three aspects to ensure storage security:
• Resource protection
• Data protection
• Security validation
Resource protection
Resource protection is important to your security strategy. Using trusted platforms, you improve
availability and provide protection for networks, software, and database management systems.
Access control in a trusted and hardened infrastructure minimizes disruptions due to security
breaches.
Access control
Access control prevents unauthorized use of network resources and unauthorized disclosure or
modification of data (for example, preventing users from logging in to local workstations or limiting