Menu
RSA - EMC bolsters security for high-end arrays

RSA - EMC bolsters security for high-end arrays

EMC’s revamped Enginuity operating software adds tools for better securing Symmetrix arrays

EMC Tuesday rolled out a new version of its Symmetrix operating system that incorporates security features from its US$2.1 billion acquisition of RSA Security in 2006.

EMC debuted its Enginuity 5772 operating software for Symmetrix arrays at this week's RSA Conference in San Francisco. The new release includes three security-focused components:

  • Audit Log, which provides a tamper-proof view of management and support actions.

  • Symmetrix Service Credential, which prevents unauthorized service actions.

  • Certified Data Erasure, a facility aimed at eliminating exposure to data theft for Symmetrix disks.
The Audit Log component records host-initiated actions, physical component changes, actions on service processors and access attempts blocked by security controls. The contents of the audit log cannot be modified or deleted, and only authorized users can access the logs. EMC previously had audit logs for Symmetrix platforms; this new audit log prevents modification or deletion by all users, including those with superadmin access privileges.

"Auditability is actually very, very important," says David Hill, senior analyst for the Mesabi Group. "The Federal Rules of Civil Procedure were passed on Dec.1, and one thing that applies to compliance and governance is the concept of auditability, which deals with data as evidence and a chain of custody."

Each Symmetrix array contains an onboard service processor that is used to remotely monitor the storage array. The new Symmetrix Service Credential component, which is built on RSA SecurID technology, authenticates users who have valid access to the service processor and can enforce different credentials by user, action, system or time. In every case, access is by an encrypted credential and user password. This capability complements existing Symmetrix Access Control authorization features. In the future, EMC hopes to supplement this capability with use of the RSA SecurID hardware authenticators.

EMC's new data erasure options include a service, delivered through the company's global services group, for drives that have been removed from Symmetrix arrays, as well as a software-based offering for failed disks. The Certified Data Erasure technology lets customers shred data on a disk at the end of a lease, or when a disk drive has reached its end-of-life, for example. After erasure, EMC provides customers with a certificate that data has been successfully destroyed.


Follow Us

Join the newsletter!

Error: Please check your email address.
Show Comments