By Kevin Komiega
—PMC-Sierra recently announced the availability of a new controller-based encryption product family that can be deployed in existing Fibre Channel, SAS, or SATA storage systems and encrypt data without affecting performance, eliminating the need to roll out new disk drive or appliance-based encryption technologies.
PMC-Sierra's new protocol controllers with integrated data encryption—the PM8031 QE8e+ for Fibre Channel and PM8002 SPCe 8x6G for SAS/SATA—allow storage OEMs to build encryption capabilities into disk arrays without introducing additional appliances, components, or software into the storage infrastructure.
The PM8031 Tachyon QE8e+ Fibre Channel controllers offer speeds of 2, 4, and 8Gbps, while the SAS/SATA version—the PM 8002 Tachyon SPCe 8x—clocks in at 1.5, 3, and 6Gbps. The StorClad controllers are capable of delivering 400,000 I/Os per second (IOPS) per channel, and the architecture supports the IEEE 1619.3 Key Management standard for compatibility with Key Management Servers (KMS) that manage encryption keys and encrypt/decrypt data through a key management interface.
The StorClad encryption architecture is scalable to thousands of disk drives and enables encryption at the logical unit number (LUN), application, or I/O level. The architecture also supports multiple servers, encryption zones, and more than one million keys per controller.
"We're getting rid of some of the obstacles that have kept encryption in a niche role by integrating it into the I/O controller and making it affordable," says Kevin Burbank, PMC-Sierra's director of product marketing.
Burbank says the PM8031 and PM8002 are currently available in prototype quantities at a cost of $400 each. However, he claims, the component price will decrease as OEMs begin adopting the technology on a large scale, making the cost of encryption a negligible percentage of overall system pricing.
The Tachyon controllers with StorClad technology are available now to PMC-Sierra's partners. The company's largest OEM customers include vendors such as EMC, Engenio, Hewlett-Packard, Hitachi Data Systems (HDS), and IBM.
PMC-Sierra's StorClad architecture includes Tachyon controller-based encryption, protocol controller software, and a key management and programming interface, supported through the Tachyon Software Development Kit (TSDK).
According to Burbank, at least one of the company's major OEM customers has indicated that it plans to standardize on the StorClad encryption platform. Partner announcements and volume shipments are expected later this year.
The wide-scale deployment of data encryption technologies has been slowed by several obstacles, most notably performance degradation and overall cost. One of the biggest barriers to adoption, according to Greg Schulz, founder and senior analyst at the StorageIO Group, is the lack of simple key management systems. It's a simple problem with huge consequences: Lose the key, lose the data.
"Key management is the key to encryption. Some large organizations don't encrypt data for fear of losing keys. If you lose your encryption keys you aren't going to call a locksmith," says Schulz.
The Holy Grail of encryption is integration with existing key management systems. "An encryption solution begins to overcome barriers to adoption when the technology is open enough to plug into different systems, is cost-effective, and is so transparent that you don't have to worry about key management," says Schulz. "It's a balancing act."