Bloombase StoreSafe Data-at-Rest Encryption Security for SAN with Thales Gemalto SafeNet KeySecure

Bloombase StoreSafe Data-at-Rest Encryption Security for SAN with Thales Gemalto SafeNet KeySecure


In this tutorial, we will be showing Bloombase integration with KeySecure to secure data in FC SAN storage Bloombase provides data-at-rest encryption by acting as storage firewall in between client and FC SAN storage Bloombase will utilize external key manager, KeySecure, to store and manage encryption keys A required certificate which has been signed by KeySecure local CA is registered and active Access Bloombase Web Management console Navigate to Key Management – OASIS KMIP Key Manager Add and configure KMIP key manager Choose Safenet KeySecure and input host IP address or hostname Upload signed certificate under client keystore and KeySecure’s server certificate under trust certificate Confirm integration between Bloombase and KeySecure has been successfully configured Configure encryption key Go to modify key source tab and choose OASIS KMIP Key Manager with KeySecure as key manager Create new LUN on SAN and map it to Bloombase appliance over Fibre Channel Protocol Configure zoning on SAN switch First zone will be between Bloombase and FC SAN storage Second zone will be between Bloombase and client Create and enable zone config for the previously created zones Navigate to StoreSafe Configurations – Configure StoreSafe SAN In this demo, Bloombase has two HBA attached One as initiator, connected to FC SAN and another as target, connected to client FC LUN can be seen under Physical Storage Device once switch zoning and LUN access properly configured Configure physical storage Configure virtual storage Choose physical storage which will be used as backend storage Choose privacy as protection Choose the encryption key Choose the encryption algorithm List all initiators that need access to virtual storage On client machine that has been given access to virtual storage, new disk will be shown Follow New Simple Volume Wizard as always to initialize the new disk Bloombase secure drive is now ready to use All files or data put in Bloombase virtual storage is seamlessly encrypted on the fly and stored in FC SAN storage

Leave a Reply

Your email address will not be published. Required fields are marked *