Nexsan upgrades storage security appliance

By Ann Silverthorn

—Nexsan recently introduced the next generation of its Assureon appliance, which is designed for storage security, business continuity, and regulatory compliance. New features of Assureon 4.0 include a user interface for reporting, data-retention management capabilities, and hardware-accelerated encryption.

Assureon, which is based on Nexsan's Serial ATA (SATA) RAID subsystems, was first introduced in August 2005 as a secure storage appliance designed for the long-term archive protection, retention, and management of fixed-content data. The appliance combines features such as encryption, compliance retention policies, information lifecycle management (ILM), continuous data protection (CDP), content-addressed storage (CAS), and high-availability clustering (see "Nexsan combines CAS and encryption").

Since the last version was introduced, Nexsan has added the ability for users to create their own customized reports. For example, users can generate usage-monitoring reports and storage-capacity monitoring reports to determine whether more processing power is needed or more storage capacity should be purchased.

Assureon is certified for SEC 17, Sarbanes-Oxley, HIPAA, and FDA Rule 21 regulations and provides built-in retention rules for compliance. In addition, new data-retention management capabilities allow users to dynamically choose, based on metadata, how their data will be retained according to best business practices, whether from the date of creation, modification, or last access. Users also have the option of deciding how many versions of a file to keep.

As for archiving, Assureon's "secure archive" is based on a single-instance CAS model, so that only a single copy of a data object is stored in the archive, which reduces capacity demands and bandwidth requirements. The archive is "hardened" to meet security and compliance standards.

Assureon allows independent scaling of processing and capacity. To improve performance, Nexsan added an acceleration card for offloading AES 256 encryption. Because Assureon encrypts each file individually, the speed of readback is only limited by the speed of encryption.

"Individual file encryption allows individual file deletion from stored tapes," says Diamond Lauffin, senior executive vice president at Nexsan. "Users can destroy/shred the individual encryption keys of the files—and in essence, you've deleted them off the tapes—they're unreadable. They don't have to reload the tapes, reload the files, delete the files, and reload the tapes again." (Assureon supports shredding of encryption across disk, optical, and tape.)

Assureon also employs "full-file format," which is handy in case of the failure of the primary device in asynchronous replication. Lauffin cites other disk-based solutions that require users to repair the primary device before the restore begins. Assureon can function as the primary device before the restore starts.

"Users can access and work with those files, and when the failed device is back up and running they can initiate the restore [either full or file-by-file] transparently. Once the original system is rebuilt and verified as operable, the administrator can redirect traffic back to the original primary device," says Lauffin.

This article was originally published on May 15, 2006