EMC beefs up Symmetrix security

By Kevin Komiega

—EMC has officially begun integrating security technology from its RSA Security division into its enterprise storage hardware with the news that stronger authentication, authorization, and audit capabilities are now native to the Symmetrix DMX-3 disk arrays. The announcement marked the first security-related launch since the finalization of EMC's $2.1 billion acquisition of RSA. EMC also rolled out 4Gbps Fibre Channel connectivity and support for RAID 6 on the Symmetrix DMX-3.

EMC has incorporated a trio of RSA features into the DMX-3, including Symmetrix Service Credential, Tamper-proof Audit Log, and EMC Certified Data Erasure.

Symmetrix Service Credential secures the actions of service personnel on DMX-3 systems to protect and preserve data integrity. This new feature requires authentication of users accessing the Symmetrix service processor using encrypted credentials and individual passwords and then authorizes their actions and prevents unauthorized actions.

The Tamper-proof Audit Log securely records and tracks all service or management activities on DMX-3 arrays. New enhancements to Audit Log and Solutions Enabler software ensure service and host-initiated actions are recorded in a tamperproof log.

Certified Data Erasure adheres to the Department of Defense (DoD) specification 5220.22-M for secure data erasure. The feature ensures all information on failed drives is securely erased before they are removed from the system. Data on failed disk drives is erased within the system, and an auditable record of data erasure is provided to the customer. Additionally, EMC Global Services is offering data erasure as a service via the company's Certified Disk Erasure Service for drives that are removed from EMC storage systems.

The RSA security features are expected to trickle down into EMC's midrange Clariion systems, but EMC isn't quite ready to detail how and when the technology will show up in other platforms.

According to Bob Wambach, EMC's senior director of Symmetrix product marketing, "Everybody has been busy fortifying the perimeter, but that approach ignores the fact that information lives everywhere. It's like having a bank with dozens of armed guards outside, but once you walk through the door the money is sitting there in a big pile in the lobby."

Wambach would not provide details about potential plans for integrating RSA's technology with other EMC gear.

"Symmetrix is the intuitive place to start because DMX-3 systems protect the most-critical data assets. Our intent is to increasingly leverage the security technology as we go on," says Wambach.

The performance enhancements for DMX-3 include support for 4Gbps Fibre Channel and RAID-6 protection, as well as a few new optimization tools such as dynamic cache partitioning, Symmetrix Priority Controls, and SRDF/A Reserve Capacity.

Dynamic cache partitioning gives users the ability to segregate memory resource allocation on a Symmetrix system into as many as eight dynamic partitions for different applications. Priority Controls manage multiple application workloads and priority levels for device groups, assigning priority levels based on service-level requirements. And the SRDF/A Reserve Capacity enhancement safeguards continuous remote replication operations by buffering in-transit data to disk during temporary outages and/or network congestion.

All of the new security, connectivity, and support capabilities will be available in the first quarter of 2007.

The Symmetrix Service Credential, Audit Log, RAID 6, and enhanced SRDF/A replication capabilities are included with Enginuity operating system release 5772.

This article was originally published on February 07, 2007