Date: 26-Nov-2009 URL: www.sun.com/storage/tape_storage/tape_drives/crypto_keyms/features.xml

Sun StorageTek Crypto Key Management System

Features and Benefits

Encrypted tape cartridges allow you to distribute sensitive data to authorized users with more flexibility and far less risk. Well-managed encryption keys keep that data obscured from unauthorized eyes. The StorageTek Crypto Key Management System is your key to manufacturing, validation, and vault. It's smart, exceptionally reliable, absolutely secure, simple to install and use, and readily scalable.

Key Benefits

Centralized, secure, key management for data encryption
Scales to manage and protect growing volumes of sensitive data
Does not impact backup windows or restore times
Reduces the considerable legal and financial risks of sensitive data exposure
Ensures secure data protection for tape cartridges on and off-site
Simple to implement and manage

Data Security with Performance

A complete key management system

The Sun StorageTek Crypto Key Management System lets you manage all of your encryption keys from a secure, centralized location of your choosing. Through Crypto Key Management System policies, you can create, manage, and destroy software-based keys that allow or deny access to encrypted data. The system manages your key data using strict security standards and user quorums that provide security and accountability. This product complies with the Federal Information Processing Standard (FIPS) 140-2 certification for a secure and reliable data environment.

An umbrella of compatible protection

The key management system and encryption keys are device-independent and don't require any changes to your operating system, backup software, or tape libraries. It's comprised of 2 to 20 Sun Fire X-Series rack-mounted server appliances in clustered configurations that may all be local or geographically dispersed. This provides automatic mirroring and high availability across your environment. Each appliance runs the Solaris 10 Operating System (Solaris OS) and Sun Key Management software. Sun StorageTek reliability and support, and experience with both open systems and heterogeneous mainframe environments, make this a system you won't have to replace soon, no matter how fast your key volume grows.

The fast crytpo-active tape drive delivers legal compliance

The StorageTek cryptography solution starts with the crypto-ready Sun StorageTek T10000 or T9840D tape drives for device-based encryption. In either case, the solution encrypts data without a measurable impact to drive performance or cartridge capacity. It also includes VolSafe secure media technology for WORM storage.

Encrypt to reduce risk

Encrypted data is secure on tape cartridges, even if the cartridges themselves are exposed. In fact, it's so secure that if one of your tape cartridges is lost or stolen, encryption, under existing US, Canada, Japan, and EU regulations, eliminates the requirement to notify the public and parties whose identities could be comprised.

Gain control over data life

Encrypted data is secured and managed through Sun's Key Management System for issuing, canceling, and organizing keys. If a tape cartridge is physically lost or stolen, you can use the management system to cancel the encryption key to that data. This functionally destroys the data on the tape, denying all access.