Thanks, Tony.
What about the datasets you *tend* to encrypt. Do you take an encrypt by default approach or an encrypt as needed approach[1]?
Thanks, Ray
[1] Am looking at IBM-based KMS' to support some tape libraries as well (LTFS). Perhaps SafeNet would work for those as well, but there's a steep enough premium on five year TCO vs. the non-encrypted setup that it's making me re-think my approach.
On Thu, Apr 16, 2015 at 07:30:17AM +0000, Tony Bar wrote:
Ray -
The majority of my customers use the SafeNet appliance(s) -- cluster always in these situations obviously -- they are relatively inexpensive and very easy to use, even for the most casual of admins. The integration with the self-encrypted drives is very well done in my opinion too.
Hope that helps.
Anthony Bar | Director of Engineering 650.207.5368 | tbar@berkcom.com
Berkeley Communications | www.berkcom.com NetApp | Cisco | VMware | SuperMicro | Big Data & Analytics | HPC
On Apr 16, 2015, at 12:18 AM, Ray Van Dolson rvandolson@esri.com wrote:
Hi all -- for those of you doing encryption (on NetApp or another platform): What are you using for Key Management? SafeNet? IBM's KMS? Something else? Do you find yourselves purchasing self-encrypting drives *only* for datasets you're sure need it vs. creating a catch-all location where mixed data lives but at lesat you can say that it's "all encrypted at rest"? The approach here can obviously impact costs... Thanks, Ray