Interoperability of Bloombase StoreSafe and ATTO Celerity 16G Fiber-Channel Host Bus Adapter (FC-HBA) for Transparent Data-at-Rest Encryption

Similar documents
Interoperability of Bloombase StoreSafe and ATTO FastFrame 10GbE Ethernet Adapter for Transparent Data-at-Rest Encryption

November, Executive Summary

Interoperability of Bloombase StoreSafe Security Server, QLogic FC-HBAs and QLogic SAN Switch for Transparent Storage Area Network (SAN) Encryption

Interoperability of Bloombase StoreSafe and Huawei OceanStor V3-Series for Transparent Storage Encryption

Interoperability of Bloombase StoreSafe and Huawei OceanStor T-Series for Transparent Storage Encryption

Interoperability of Bloombase Spitfire StoreSafe Security. for Transparent IP-Storage Area Network (SAN) Encryption

Interoperability of Bloombase StoreSafe and Thales payshield for Data-at-Rest Encryption

Windows Server 2012: Server Virtualization

Oracle Communications HP Solutions Firmware Upgrade Pack

Windows Server 2012: Manageability and Automation. Module 1: Multi-Machine Management Experience

Receive and Forward syslog events through EventTracker Agent. EventTracker v9.0

RMH RESOURCE EDITOR USER GUIDE

Storage Area Network (SAN) Training Presentation. July 2007 IBM PC CLUB Jose Medeiros Storage Systems Engineer MCP+I, MCSE, NT4 MCT

Hewlett-Packard Enterprise Company

HP StorageWorks Continuous Access EVA 2.1 release notes update

IBM System Storage LTO Ultrium 6 Tape Drive Performance White Paper

Server Installation Guide

Steel-Belted Radius Installation Instructions for EAP-FAST Security Patch

Virtual Appliance Deployment Guide

Oracle Communications HP Solutions Firmware Upgrade Pack

RMH PRINT LABEL WIZARD

An Introduction to GPFS

IBM System Storage TS1120 Tape Drive

OnCommand Unified Manager 7.2: Best Practices Guide

SUPPORT MATRIX. HYCU OMi Management Pack for Citrix

SECURE FILE TRANSFER PROTOCOL. EventTracker v8.x and above

Port Configuration. Configure Port of EventTracker Website

IBM Storage Host Attachment Kit for HP-UX Version Release Notes IBM

HP BladeSystem Matrix Compatibility Chart

SUPPORT MATRIX. Comtrade OMi Management Pack for Citrix

Oracle Communications HP Solutions Firmware Upgrade Pack

x10data Smart Client 7.0 for Windows Mobile Installation Guide

MQESS Installation Manual

IBM XIV Host Attachment Kit for HP-UX Version Release Notes

Product Update: ET82U16-029/ ET81U EventTracker Enterprise

1 Installing the Address Verification Server

Evaluation Report: HP StoreFabric SN1000E 16Gb Fibre Channel HBA

Oracle FS1-2 Flash Storage System. Customer Release Notes 6.1. Part Number E Oracle FS1-2 System release July

Oracle Enterprise Manager Ops Center E Introduction

IBM Flex System FC port 8Gb FC Adapter IBM Redbooks Product Guide

Overview. Implementing Fibre Channel SAN Boot with the Oracle ZFS Storage Appliance. January 2014 By Tom Hanvey; update by Peter Brouwer Version: 2.

ORACLE FABRIC MANAGER

Flex System FC port and FC port 16Gb FC Adapters Lenovo Press Product Guide

HP StorageWorks 4000/6000/8000 Enterprise Virtual Array connectivity for Sun Solaris installation and reference guide

Flex System FC5024D 4-port 16Gb FC Adapter Lenovo Press Product Guide

VMware VMmark V1.1 Results

x10data Smart Client 6.5 for Windows Mobile Installation Guide

SMB Live. Modernize with Hybrid Cloud. Lab 1: Exploring Windows Server 2012 R2 & Hyper-V

IBM XIV Host Attachment Kit for HP-UX Version Release Notes

Brocade 16Gb FC Single-port and Dual-port HBAs for System x IBM Redbooks Product Guide

Brocade 16Gb FC Single-port and Dual-port HBAs for System x IBM Redbooks Product Guide

IBM Directory Server 4.1 Release Notes

CHECK PROCESSING. A Select Product of Cougar Mountain Software

Flex System FC port 8Gb FC Adapter Lenovo Press Product Guide

Sizing the Hardware and Database Required by an eg Manager

MSA1500csReleaseNotes8_ txt MSA1500cs ReleaseNotes. hp StorageWorks Modular Smart Array 1500 cs Release Notes. Third Edition (February 2005)

Flex System FC port 16Gb FC Adapter Lenovo Press Product Guide

Getting Started with Tally.Developer 9 Alpha

NexentaStor 5.x Reference Architecture

Oracle Fusion Middleware

EventTracker v8.2. Install Guide for EventTracker Log Manager. EventTracker 8815 Centre Park Drive Columbia MD

Microsoft Exchange Server SMTPDiag

Introduction Optimizing applications with SAO: IO characteristics Servers: Microsoft Exchange... 5 Databases: Oracle RAC...

Oracle Utilities Customer Care and Billing

RMH GENERAL CONFIGURATION

SAP SD Benchmark with DB2 and Red Hat Enterprise Linux 5 on IBM System x3850 M2

Lab Answer Key for Module 1: Creating Databases and Database Files

IBM Flex System FC5024D 4-port 16Gb FC Adapter IBM Redbooks Product Guide

How To Embed EventTracker Widget to an External Site

HP solutions for mission critical SQL Server Data Management environments

2 Latest Upgrade Information

Oracle Utilities Customer Care and Billing

Veritas NetBackup and Oracle Cloud Infrastructure Object Storage ORACLE HOW TO GUIDE FEBRUARY 2018

IBM XIV Host Attachment Kit for HP-UX Version Release Notes

Exclaimer Outlook Photos 1.0 Release Notes

VMware VMmark V1.1 Results

Mobile On the Go (OTG) Server

Exclaimer Mail Disclaimers 1.0 Release Notes

hp StorageWorks modular SAN array 1000 Compatibility Matrix Checkmarks Microsoft indicate hyperlinks to following pages

Oracle Communications Configuration Management

Oracle VM. Getting Started Guide for Release 3.2

Exchange Server 2007 Performance Comparison of the Dell PowerEdge 2950 and HP Proliant DL385 G2 Servers

VMware VMmark V1.1 Results

Centrify for Splunk Integration Guide

Oracle Utilities Smart Grid Gateway

An Oracle White Paper November Primavera Unifier Integration Overview: A Web Services Integration Approach

QuickSpecs. Models. HP StorageWorks 8Gb PCIe FC HBAs Overview

Selecting Server Hardware for FlashGrid Deployment

Oracle Communications

DtS Data Migration to the MSA1000

Configuring IBM Rational Synergy to use HTTPS Protocol

Enhancement in Agent syslog collector to resolve sender IP Address EventTracker Enterprise

The HBAs tested in this report are the Brocade 825 and the Emulex LightPulse LPe12002 and LPe12000.

VMware VMmark V1.1 Results

HPE Serviceguard for Linux Certification Matrix

Governance, Risk, and Compliance Controls Suite. Hardware and Sizing Recommendations. Software Version 7.2

IBM Rational Synergy DCM-GUI

Exchange 2003 Archiving for Operational Efficiency

Copyright International Business Machines Corporation 2008, 2009, 2010, 2011, 2012, 2013 All rights reserved.

Microsoft Dynamics GP. Extender User s Guide Release 9.0

Transcription:

Bloombase Interoperability Program P1 2017 Bloombase, Inc. Interoperability of Bloombase StoreSafe and ATTO Celerity 16G Fiber-Channel Host Bus Adapter (FC-HBA) for Transparent Data-at-Rest Encryption April, 2017 Executive Summary ATTO carrier grade Celerity 16G Fiber Channel Host Bus Adapters (FC-HBA) are validated by Bloombase s interoplab to run with Bloombase StoreSafe to secure Hewlett Packard Enterprise (HPE) MSA P2000 Storage Area Network (SAN) by state-of-the-art encryption. This document describes the steps carried out to test interoperability of ATTO Celerity 16G FC-HBAs with Bloombase StoreSafe Storage Encryption Server running on Intel x86-based commercial-off-the-shelf (COTS) server appliances. Storage client running Red Hat Enterprise Linux (RHEL) 7 on HPE ProLiant DL20 Server with ATTO Celerity 16G FC-HBA is validated with Bloombase StoreSafe Storage Encryption Server securing HPE MSA P2000 FC-SAN.

Bloombase Interoperability Program P2 2017 Bloombase, Inc. Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, people and events depicted herein are fictitious and no association with any real company, organization, product, person or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Bloombase. Bloombase may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Bloombase, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. This document is the property of Bloombase. No exploitation or transfer of any information contained herein is permitted in the absence of an agreement with Bloombase, and neither the document nor any such information may be released without the written consent of Bloombase. 2017 Bloombase, Inc. Bloombase, Bloombase, Spitfire, StoreSafe are either registered trademarks or trademarks of Bloombase, Inc. in the United States, European Union, and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. The interoperability tests in this report are carried out at Bloombase interoplab with sponsor from ATTO Technology, Inc. About ATTO Technology, Inc. ATTO Technology, Inc., headquartered in Amherst, New York, is a global leader of storage connectivity and infrastructure solutions for data-intensive computing environments. It is our vision to provide a wide range of end-to-end solutions to help customers better store, manage and deliver their data. We believe that our company's experience in engineering advanced technology into real-world product solutions provides customers a unique competitive advantage. For more information, please refer to https://www.atto.com Document No. BLBS-TN-Bloombase-StoreSafe-ATTO-Celerity-16G-FC-HBA-Interoperability-USLET-EN-R0.92

Bloombase Interoperability Program P3 2017 Bloombase, Inc. Table of Contents

Bloombase Interoperability Program P4 2017 Bloombase, Inc. Table of Contents 3 Purpose and Scope 5 Assumptions 6 Infrastructure 7 Setup 7 Bloombase StoreSafe Storage Encryption Server 8 Storage Client 9 Fiber Channel Storage Area Network (SAN) 9 SAN Switch 9 Configuration Overview 10 ATTO Celerity Fiber Channel Host Bus Adapter 10 Interconnect 11 Bloombase StoreSafe Software Appliance 12 Encryption Key Configuration 12 Virtual Storage Configuration 13 Physical Storage Target Configuration 14 Encrypted Virtual Storage Provisioning 15 Validation Tests 18 Test Scenarios 18 Validation Matrix 18 Raw Storage Device Tests 19 File System Tests 19 Result 20 Raw Storage Device Tests 20 File System Tests 20 Conclusion 22 Acknowledgement 23 Disclaimer 24 Technical Reference 25

Bloombase Interoperability Program P5 2017 Bloombase, Inc. Purpose and Scope This document describes the steps necessary to integrate ATTO Celerity FC-162E 16G Fiber Channel Host Bus Adapters (FC-HBA) with HPE ProLiant DL20 commercial-off-the-shelf server as storage client and test with Bloombase StoreSafe enterprise storage software appliance to secure sensitive business data managed at Hewlett Packard Enterprise (HPE) MSA P2000 Fiber Channel Storage Area Network (FC-SAN) via Fiber Channel Protocol (FCP). Specifically, we cover the following topics: Installing and configuring Bloombase StoreSafe software appliance on HPE ProLiant DL20 server Provisioning storage volume at HPE MSA P2000 FC-SAN to be secured by Bloombase StoreSafe Interoperability testing on client system with Red Hat Enterprise Linux (RHEL) 7 on HPE ProLiant DL20 server with ATTO Celerity FC-162E 16G FC-HBA

Bloombase Interoperability Program P6 2017 Bloombase, Inc. Assumptions This document describes interoperability testing of ATTO Celerity FC-162E 16G FC-HBA with Bloombase StoreSafe on HPE ProLiant DL20 Server for data-at-rest encryption. It is assumed that you are familiar with operation of storage systems and major operating systems including UNIX and/or Linux. It is also assumed that you possess basic UNIX administration skills. The examples provided may require modifications before they could be run under your version of UNIX. You are recommended to refer to installation and configuration guides of specific model of ATTO Celerity FC-HBA for the client platform you are going to test on. We assume you have basic knowledge of storage networking and information cryptography. For specific technical product information of Bloombase StoreSafe, please refer to our website at https://www.bloombase.com or Bloombase SupPortal https://supportal.bloombase.com.

Bloombase Interoperability Program P7 2017 Bloombase, Inc. Infrastructure Setup The validation testing environment is set up as in below figure:

1 Brocade 300 0 4 1 5 2 6 3 7 8 12 9 13 2 10 14 11 15 16 20 17 21 UID 18 22 19 23 ProLiant DL320e Gen8 v2 1 2 1 2 3 4 5 6 7 8 9 UID 10 11 12 13 14 15 ProLiant DL320e Gen8 v2 16 17 18 19 20 21 22 23 24 HP HP StorageWorks StorageWorks MSA2000 P2000 UID Bloombase Interoperability Program P8 2017 Bloombase, Inc. ATTO Celerity FC-162E 16G FC HBA Red Hat Enterprise Linux (RHEL) 7 on HPE ProLiant DL20 Clear text FCP Write and Encrypt Read and Un-encrypt Brocade 300 San Switch FCP Bloombase StoreSafe on HPE ProLiant DL20 with FC-HBA FCP ^$8Yn +=@~ HPE MSA P2000 SAN Storage Bloombase StoreSafe Storage Encryption Server Server Processors Memory HPE ProLiant DL20 Gen9 Server 1 x Intel Xeon E3-1240V5 series quad-core 8M cache 3.5 GHz 8 GB Storage Encryption Software Bloombase StoreSafe Software Appliance v3.4

Bloombase Interoperability Program P9 2017 Bloombase, Inc. Storage Client Model HPE ProLiant DL20 Gen9 Server Operating System Red Hat Enterprise Linux (RHEL) 7 Fiber Channel Host Bus Adapter ATTO Celerity FC-162E 16G FC-HBA Fiber Channel Storage Area Network (SAN) SAN Storage Hewlett Packard Enterprise (HPE) MSA P2000 SAN SAN Switch SAN Switch Brocade 300 SAN Switch

Bloombase Interoperability Program P10 2017 Bloombase, Inc. Configuration Overview ATTO Celerity Fiber Channel Host Bus Adapter ATTO FC-HBA ATTO Celerity FC-162E 16G FC-HBA is installed at HPE ProLiant DL20 Server running Red Hat Enterprise Linux (RHEL) 7 as storage client to Bloombase StoreSafe.

Bloombase Interoperability Program P11 2017 Bloombase, Inc. Interconnect COMMSCOPE SYSTIMAX OM3 3-meter 50/150 micron multi-mode fiber-optic cables with LC-LC terminations are used in this interoperability testing.

Bloombase Interoperability Program P12 2017 Bloombase, Inc. Bloombase StoreSafe Software Appliance Bloombase StoreSafe supports file-based, share-based, block-based and object-based on-the-fly storage encryption. In this interoperability testing effort, SAN block-based encryption is provisioned to the client system with ATTO Celerity 16G FC-HBA installed. Encryption Key Configuration Generate encryption key with name key01 in bundled Bloombase KeyCastle key life-cycle management tool

Bloombase Interoperability Program P13 2017 Bloombase, Inc. Virtual Storage Configuration Bloombase StoreSafe block-based virtual storage and physical storage settings are configured as follows.

Bloombase Interoperability Program P14 2017 Bloombase, Inc. Physical Storage Target Configuration Bloombase StoreSafe should be able to mount to LUNs of SAN storages and shows on List Storage Device tool Physical storage namely lun01 is configured to map to the storage device to be encrypted by Bloombase StoreSafe Bloombase StoreSafe secures SAN contents block by block. Volumes can be secured one by one by specific cryptographic cipher, bit length, encryption key, etc.

Bloombase Interoperability Program P15 2017 Bloombase, Inc. Encrypted Virtual Storage Provisioning Virtual storage namely lun01 of type FC is created to virtualize physical storage lun01 for transparent encryption protection over FCP

Bloombase Interoperability Program P16 2017 Bloombase, Inc. Protection type is specified as Privacy and secure the FC SAN LUN using AES-XTS 256-bit encryption with encryption key key01.

Bloombase Interoperability Program P17 2017 Bloombase, Inc. Fiber channel protocol access control relies mainly on LUN masking for host based access control, the WWN of host HBA on Host of Host Access Control section is configured as follows:

Bloombase Interoperability Program P18 2017 Bloombase, Inc. Validation Tests Test Scenarios Validation Matrix Validation tests span across models of ATTO Celerity 16G FC-HBAs, Bloombase StoreSafe, server hardware platform, and client host platform. Test Condition Candidate Fiber Channel Host Bus Adapter ATTO Celerity FC-162 FC-HBA Storage System Hewlett Packard Enterprise (HPE) MSA P2000 SAN SAN Switch Brocade 300 SAN Switch Storage Encryption Bloombase StoreSafe on x86-based HPE ProLiant DL20 Gen9 server Client System Red Hat Enterprise Linux (RHEL) 7 with ATTO Celerity FC-162 FC-HBA

Bloombase Interoperability Program P19 2017 Bloombase, Inc. Raw Storage Device Tests The following tests are carried out at storage host operating system with ATTO Celerity FC-162-FC-HBAs to access encrypted Hewlett Packard Enterprise (HPE) MSA P2000 FC-SAN storage through Bloombase StoreSafe as a storage proxy. Test Description Write disk with zeros Write zeros into encrypted storage target via Bloombase StoreSafe, platform equivalence of UNIX s dd if=/dev/zero of=/dev/sda Read disk to null device Read from encrypted storage target via Bloombase StoreSafe, platform equivalence of UNIX s dd if=/dev/sda of=/dev/null Wipe disk with random data Write random zeros and ones into encrypted storage target, platform equivalence of UNIX s dd if=/dev/urandom of=/dev/sda File System Tests The following tests are carried out at storage host installed with ATTO Celerity FC-162 16G FC-HBA to access encrypted Hewlett Packard Enterprise (HPE) MSA P2000 FC-SAN storage via Bloombase StoreSafe as a bump-in-the-wire configuration delivering application-transparent encryption security. Ext3 for Linux Test Description Directory creation Platform equivalence of UNIX's mkdir Directory rename Platform equivalence of UNIX's mv Directory removal Platform equivalence of UNIX's rm Directory move Platform equivalence of UNIX's mv File creation Platform equivalence of UNIX's echo XXX > File rename Platform equivalence of UNIX's mv File removal Platform equivalence of UNIX's rm File move Platform equivalence of UNIX's mv

Bloombase Interoperability Program P20 2017 Bloombase, Inc. File append by character Platform equivalence of UNIX's echo XXX >> File append by block Platform equivalence of UNIX's echo XXX >> File parameters inquiry Platform equivalence of UNIX's ls *X File permission configurations Platform equivalence of UNIX's chmod Valid for UNIX-based storage host systems only (Linux, AIX, HPUX, Solaris) Softlink/Symbolic link removal Platform equivalence of UNIX's rm Valid for UNIX-based storage host systems only (Linux, AIX, HPUX, Solaris) Softlink/Symbolic link move Platform equivalence of UNIX's mv Valid for UNIX-based storage host systems only (Linux, AIX, HPUX, Solaris) Result Raw Storage Device Tests Test Validation Pass Remarks Write disk with zeros Read disk to null device Wipe disk with random data File System Tests Test Validation Pass Remarks Directory creation Directory rename Directory removal Directory move

Bloombase Interoperability Program P21 2017 Bloombase, Inc. File creation File rename File removal File move File append by character File append by block File parameters inquiry File permission configurations Softlink/Symbolic link removal Softlink/Symbolic link move

Bloombase Interoperability Program P22 2017 Bloombase, Inc. Conclusion ATTO Celerity 16G FC-HBAs ATTO Celerity FC-162 16G FC-HBAs pass all Bloombase interoplab's interoperability tests with Bloombase StoreSafe storage encryption server Bloombase Product Storage System SAN Switch Fiber Channel Host Bus Adapter Bloombase StoreSafe Software Appliance Hewlett Packard Enterprise (HPE) MSA P2000 FC-SAN Brocade 300 SAN Switch ATTO Celerity FC-162 16G FC- HBA

Bloombase Interoperability Program P23 2017 Bloombase, Inc. Acknowledgement We would like to thank ATTO Technology, Inc. for sponsoring and supporting the 16G FC-HBAs used in the tests of this technical report.

Bloombase Interoperability Program P24 2017 Bloombase, Inc. Disclaimer The tests described in this paper were conducted in the Bloombase InteropLab. Bloombase has not tested this configuration with all the combinations of hardware and software options available. There may be significant differences in your configuration that will change the procedures necessary to accomplish the objectives outlined in this paper. If you find that any of these procedures do not work in your environment, please contact us immediately.

Bloombase Interoperability Program P25 2017 Bloombase, Inc. Technical Reference 1. Bloombase StoreSafe Technical Specifications, http://www.bloombase.com/content/8936qa88 2. Bloombase StoreSafe Compatibility Matrix, http://www.bloombase.com/content/e8gzz281 3. dd for Unix, https://en.wikipedia.org/wiki/dd_(unix) 4. Oracle database server, https://www.oracle.com/database/index.html 5. Transaction Processing Performance Council, http://www.tpc.org/tpcc/ 6. ATTO Celerity FC-162 16G FC-HBA, https://www.atto.com/products/fc-adapters/fibre-channel-hba/16gb/ctfc-162e-000 7. Hewlett Packard Enterprise (HPE) MSA P2000 FC-SAN, https://www.hpe.com/h20195/v2/getdocument.aspx?docname=c04168365 8. Brocade 300 SAN Switch, http://www.brocade.com/en/products-services/storage-networking/fibre-channel/300- switch.html

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback