NVMe storage and connectivity solutions are frequently deployed to satisfy the stringent performance and reliability requirements of industrial, media and AI applications designed to process large volumes of sensitive data. Securing this data from prying eyes, while protecting the privacy of end users and corporate customers alike is of critical importance. As such, disk encryption technology is quickly become an essential component of storage solutions designed to address these workflows.
HighPoint’s SafeStorage solution was developed to work in conjunction with the state-of-the-art SED technology employed by all classes (Client, Datacenter and Enterprise) of modern NVMe media, and is based on the OPAL SSC TCG specifications. It is designed to protect data assets when physical drives are misplaced or stolen by preventing unauthorized access to stored data.
First introduced with our PCIe Gen4 SSD7580C 8-Channel U.2/U.3 NVMe RAID HBA, SafeStorage can be applied to both single-disk and RAID configurations, and is activated via a service known as Disk Security, which can be administered via our software management and monitoring suites.
Designed for RAID or Independent Drive Configurations
Unlike many competing solutions, HighPoint SafeStorage was developed to accommodate storage configurations comprised of both large-scale RAID arrays and individually configured drives. Disk Security for RAID volumes is enabled at the time of creation, and will automatically activate each disk member’s self-encryption capabilities.
Securely Lockdown Crucial Data from Unauthorized Access
When Disk Security is enabled, your data is automatically locked down whenever the disk media is removed from the HighPoint storage or connectivity device.
HighPoint SafeStorage assigns unique identifiers, known as “Keys”, in the form of Passwords, to the HighPoint device and each hosted disk. The Keys are automatically created when the Disk Security feature is activated and can be configured/modified by the administrator as required. This system ensures your data cannot be accessed unless the keys match.
Keys/Passwords are securely stored by the HighPoint device and can be managed using the WebGUI and CLI management suites (and in the near future, our UEFI RAID utility). Unless an Administrator changes a Key, disks/arrays can be accessed normally. However, Lockdown mode is enabled as soon as the disk is removed.
Stolen disks cannot be simply moved to a separate HighPoint/Non-HighPoint Adapter or Enclosure for access. The “thief” would need to link the disk/array to the new HighPoint device, and would need to enter the original Keys to do so.
Cryptographic Erasure
Changing or deleting encryption keys for SED capable disks will render all encrypted data indecipherable and thus, unrecoverable. SafeStorage allows administrators to delete and regenerate Keys (aka Passwords) as needed to ensure your encrypted data is always under lock and key. A few simple commands enable authorized administrators to immediately prep storage for resale, retirement or reuse.
The Cryptographic Erase command replaces the encryption Key inside each drive; this makes it impossible to ever decrypt data stored on these devices. When executed, data is rendered inaccessible and considered cryptographically erased. The drives can then be reset to an unowned state and reused once a new encryption key is generated.
In addition, upon disabling the Disk Security feature, SafeStorage will automatically initiate the cryptographic erase command. The process is automated and takes only seconds to complete. Disk Security can be easily disabled at any time, using HighPoint’s WebGUI and CLI utilities.
PCIe Gen5 x16 to 4-MCIOx8 NVMe RAID Adapter: Rocket 7628A
The Rocket 7628 8-Channel PCIe Gen5 NVMe RAID Adapter was designed for professional applications that require uncompromised Storage Performance with the flexibility of proven RAID technology and the industry's most comprehensive storage health Monitoring & Management suite. It can directly support up to 8 U.2/U.3 or E3.S NVMe SSDs via four MCIO ports and cable-to-backplane connectivity. Hosted media can be configured into as many as 4 separate RAID 0, 1 or 10 arrays, including bootable volumes or mixed configurations of single SSDs and arrays. In addition, RocketStor 7628A Adapters are Hot-Plug & Hot-Swap capable; administrators can easily add or remove RAID arrays and individual NVMe SSDs without rebooting the OS or powering down the host platform.
PCIe 5.0 x16 to 8-M.2x4 NVMe RAID AIC: Rocket 7608A
The Rocket 7608 8-Channel NVMe RAID AIC is an ultra-compact high-density, RAID storage solution designed to address professional workflows that require uncompromised PCIe Gen5 NVMe Storage Performance and flexibility of proven RAID technology. Rocket 7608A AICs can directly host up to eight 2280 form factor M.2 SSDs which can be configured into as many as 4 separate RAID 0, 1 or 10 arrays, including bootable volumes or mixed configurations of single SSDs and arrays.
Rocket 7608A AICs intelligent PCIe Gen5 cooling solution employs a Full-Length Aluminum Heatsink with copper SSD contacts, two layers of thermal padding and a powerful low-decibel cooling to ensure hosted M.2 media always operate within their recommended temperature threshold to maximize lifespan and transfer performance
2nd Generation PCIe Gen4 x16 to 4x SlimSAS NVMe RAID Adapter: Rocket 7528D
The Rocket 7528D 2nd Generation PCIe Gen4 NVMe RAID Adapter was designed for professional applications that require uncompromised Storage Performance with the flexibility of proven RAID technology and the industry's most comprehensive storage health Monitoring & Management suite. It can directly support up to eight 2.5" U.2 or U.3 NVMe SSDs via four SlimSAS SFF-8654 Ports and cable-to-backplane connectivity.
Hosted media can be configured into as many as 4 separate RAID 0, 1 or 10 arrays, including bootable volumes or mixed configurations of single SSDs and arrays. In addition, Rocket 7528D Adapters are Hot-Plug & Hot-Swap capable; administrators can easily add or remove RAID arrays and individual NVMe SSDs without rebooting the OS or powering down the host platform.
Server Intergrated & Compact Form Factor: SSD7749E/M HighPoint’s revolutionary SSD7749 series of Dual-Width PCIe 4.0 x16 8-Channel NVMe controllers were designed for demanding Industrial and AI applications that require a high-density NVMe storage solution with blazing fast PCIe Gen4 x16 performance and Datacenter class reliability.
SSD7749 series AICs are ideal for compact platforms that do not have space for internal drive bays. The AICs directly host the NVMe media within a fully enclosed aluminum casing, which incorporates a tool-less SSD loading system and powerful NVMe cooling system capable of accommodating E1.S or M.2 SSDs of any form factor and thickness, including high-density dual-sided models equipped with heatsinks or heat spreaders.
This rugged, all-in-one design makes moving NVMe storage a snap. Though the double-width form fact makes them a bit larger than standard NVMe controller cards, SSD7749 series AICs are roughly the same size and shape as a high-end GPU, and can be just as readily moved from system to system – just unplug the card from one platform and install it into another. No additional cooling or cabling apparatus is needed.
SafeStorage is an ideal match for this type of solution. Your data will remain under lock and key, even if the card is misplaced or stolen. Unless you have the required Security Keys, the data can never be accessed.
Learn More:
Comments