Data Storage Product Comparison: Open-E DSS V7 vs Open-E JovianDSS
Over the past 25 years, Open-E has had to say goodbye to old "friends" several…
Read More
0 Liked
Open-E JovianDSS Up30 Features – SED Support for Non-Shared Storage Clusters
In 2022, along with the Up29r2 update, we have presented you with a new Open-E JovianDSS feature – SED support for single nodes and shared storage clusters. In the latest system update – Open-E JovianDSS Up30, we are happy to announce that Open-E JovianDSS now supports the SED feature for non-shared storage clusters as well. So let’s use this to remind you what exactly SED is, why you should use it in your infrastructure, and what challenges may arise regarding SED if it’s used with a less developed data storage system than Open-E provides.
What is a SED?
A Self-Encrypting Drive (SED) is a hard disk drive (HDD) or solid-state drive (SSD) that automatically encrypts and decrypts data without requiring user input or additional disk encryption software. By embedding encryption within the drive hardware, SEDs offer robust data security, ensuring that data remains protected whether the drive is in use or inactive.
SED support is a feature available in Open-E JovianDSS from the Up29r2 version. Because self-encryption is a powerful tool to elevate the security of your data, the Open-E Text User Interface simplifies the setup process, requiring only a few steps to enable SED functionality.
SED Implementations with Single-Node and Clusters
In the context of Self-Encrypting Drive (SED) support, the main difference between shared and non-shared storage clusters lies in how the encryption keys are managed and utilized across the cluster nodes.
Single Node Implementation
In a single-node configuration, only one node manages all the storage resources. This setup is straightforward because there is no need to synchronize or share encryption keys with other nodes. The single node generates, stores, and manages its SED encryption keys locally. This approach simplifies the management process since all encryption-related operations are confined to a single node.
Non-Shared Storage Clusters
In a non-shared storage cluster configuration, each cluster node operates independently, with its own set of storage resources and management domain. Each node manages its SEDs separately, including encryption key management. This means that encryption keys are generated, stored, and managed locally on each node, and keys or encryption configurations are not shared between nodes.
Shared Storage Clusters
In a shared storage cluster configuration, multiple cluster nodes share access to a common set of storage resources, managed centrally by the cluster software. In a shared storage cluster, encryption keys may be managed centrally by the cluster management software, allowing for consistent encryption settings and key management across all cluster nodes. This centralized approach simplifies key management and ensures uniform encryption practices across the cluster.
The choice between single node and shared/non-shared storage cluster configurations depends on factors such as performance requirements, scalability, and data access patterns. While all these configurations support SEDs, the key management approach and level of integration with node or cluster management software may differ between the three.
Why Should You Use SED?
→ Instant Encryption and Decryption
SEDs eliminate the noticeable encryption time associated with software-based encryption solutions. This means data is encrypted and decrypted automatically and instantly without impacting user experience.
→ Performance Optimization
Unlike software encryption that can impose significant performance overhead on the host system, SEDs perform encryption and decryption within the drive itself. This results in better overall system performance as the CPU is not burdened with encryption tasks.
→ Longevity and Durability
Software encryption increases the number of read and write operations, which can wear out drives more quickly. SEDs handle encryption natively, potentially extending the usable life of the drive compared to those used in software-encrypted systems.
→ Enhanced Security
The encryption key is stored on the drive itself, making it inaccessible through host hacking. This provides a higher level of security compared to software encryption, which can be vulnerable to host-based attacks.
→ Simplified Implementation
Implementing SEDs in storage arrays is less complex than setting up software-based encryption solutions. This simplicity makes it easier to deploy secure storage solutions across an organization.
→ Secure Erase Functionality
SEDs offer a secure erase feature that efficiently renders data on the inaccessible drive, reducing re-provisioning and end-of-life costs. Note that the process of data overwritten is the only effective way to ensure data on an SSD cannot be recovered.
→ Password Protection
Using SED requires setting a password to protect your data even more. However, it is crucial to remember this password; if forgotten, the data is permanently inaccessible.
One Software to Rule Them All
Implementing SED to data storage infrastructure based on different environment types requires careful planning, implementation, robust encryption management processes, and ongoing monitoring and maintenance to ensure the security and integrity of data. Hence, it’s worth using a system that can manage a node or a cluster in the infrastructure, provides easy setup, maintenance mechanisms, and has an intuitive GUI or TUI. Open-E JovianDSS is such a system, and it supports SED in non-shared and shared storage clusters as well as in a single node.
By integrating SEDs into your data storage infrastructure with Open-E JovianDSS, you can achieve a high level of data security, enhanced performance, and compliance with regulatory standards while simplifying the encryption process and keeping your data more secure.
IMPORTANT!
Not all disks support SED functionality. Hence, our Open-E Team tests each drive that is supposed to be included in a certified server to ensure that all compatibility and performance requirements are met. The constantly updated list of the drives already tested regarding usage and performance with the SED feature compatible with Open-E JovianDSS can be found here.
Open-E JovianDSS Up30 – Get Ready for More
As you can see, Open-E JovianDSS Up30 features significantly improve the base product. However, SED support for non-shared storage clusters is not our latest update’s only advancement. Stay tuned for future articles in which we will highlight the rest to show how much your business and data storage infrastructure benefit from using our Open-E JovianDSS and its news update.
We strongly advise customers who use our legacy data storage system, Open-E DSS V7, to switch to Open-E JovianDSS. Open-E DSS V7 will reach its end of life on November 1st, 2024. Until then, customers will still be able to use their existing licenses and support contracts until they expire but not extend them. System updates will not be provided, either.
If you’re considering migrating from Open-E DSS V7 to Open-E JovianDSS, reach out to your Open-E Sales Representative for a tailored special offer. This offer encompasses:
- A discounted licensing model allows the transfer of the current licenses to the new product.
- Enhanced upgrade support covering hardware and system architecture. We’ll assist in selecting the optimal hardware configuration and system design for an updated data storage solution.
- Consulting services to navigate the migration process smoothly, ensuring a successful transition.
Read our dedicated brochure to learn more about the transition process from Open-E DSS V7 to Open-E JovianDSS on preferential terms.
Data Storage Solutions For Financial Sector
Major Cybersecurity Threats in 2024 and Beyond
Open-E Data Storage Solutions for Gaming Industry
Keep Your Storage Secure and Scrub Data Regularly
Warming Up for Intel Solutions Summit 2013
Introducing: Open-E JovianDSS – Software Defined Data Storage
Leave a Reply