Encrypting data "at the tape" gives storage
administrators several advantages.
Tape-based encryption uses hardware on the
drive itself, so encryption is fast -- it doesn't congest the
backup server and slow the backup process. Administrators can
send encrypted tapes offsite knowing that the tape content is
secure and can help them meet regulatory obligations.
Tape-based encryption also provides a measure of
standardization and interoperability in the form of
LTO-4, so organizations can upgrade their
LTO-3 tape systems to LTO-4 while maintaining backward
compatibility with existing LTO-3 tape cartridges.
LTO-4 tape technology offers an appealing option for
data encryption, but there are serious issues to consider.
Encryption can adversely affect compression, leading to more tape
use and larger backup windows, resulting in costlier backups that
are more cumbersome to produce. Tapes are also sensitive to key
management, and are rendered unreadable if keys are changed or
corrupted. Finally, storage professionals must continue to address
the issue of tape reliability through proper storage and handling
considerations.
Now that we've reviewed the
essential issues in any encryption approach,
we can focus on specific considerations for LTO-4 tape drives.
After that, you'll find a series of specifications to help make
on-the-spot comparisons of products from vendors such as
Hewlett-Packard Co., IBM, Quantum Corp., Sun Microsystems Inc.
and Tandberg Data.
Consider the impact of encryption on media costs and storage
expenses. Virtually all tape systems run in compressed mode for
maximum capacity and throughput. A standard LTO-4 tape can double
its native (uncompressed) capacity of 800 GB and 120 MBps
throughput to 1.6 TB of compressed capacity at throughput up to 240
MBps. However, encryption effectively scrambles the data, removing
the redundancy that compression algorithms rely on.
If you are evaluating a tape drive with tape-based encryption,
ensure that compression will be performed prior to encryption.
Otherwise tape data will not compress and each backup cycle will
use more tape (and take longer), using more costly media. Drives
such as HP's StorageWorks LTO-4 Ultrium 1840 and Sun's T10000 tape
drives implement hardware compression before encryption.
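The ordering issue above can be measured directly. The following is an added demonstration, not code from the article or from any drive vendor: it uses a one-time pad (XOR with a random key) as a stand-in for the drive's AES, since both produce ciphertext that looks like random bytes to a compressor, and compares how much "tape" a constructed, redundant backup payload consumes in each order.

```python
"""Added demonstration: why drive-side encryption must run after compression.
The stand-in cipher is a one-time pad (XOR with a random key of equal length);
like AES, its output has no redundancy left for the compressor to exploit."""
import os
import zlib

# Constructed sample backup payload: highly redundant, like typical file data.
SAMPLE = b"backup record: host=db01 status=ok size=4096 path=/var/lib/data\n" * 2048


def otp_encrypt(data):
    """One-time pad: XOR each byte with a fresh random key byte. Returns (ct, key)."""
    key = os.urandom(len(data))
    return bytes(a ^ b for a, b in zip(data, key)), key


def otp_decrypt(ct, key):
    """XOR is its own inverse, so decryption reuses the same operation."""
    return bytes(a ^ b for a, b in zip(ct, key))


def compress_then_encrypt(data):
    """Correct order (what the article says the HP 1840 and Sun T10000 do)."""
    return otp_encrypt(zlib.compress(data, 6))


def encrypt_then_compress(data):
    """Wrong order: the compressor only ever sees random-looking ciphertext."""
    ct, key = otp_encrypt(data)
    return zlib.compress(ct, 6), key


def restore(ct, key):
    """Round trip for the correct order: decrypt, then decompress."""
    return zlib.decompress(otp_decrypt(ct, key))


def compare(data=SAMPLE):
    """Bytes written to 'tape' and effective compression ratio for each order."""
    good, _ = compress_then_encrypt(data)
    bad, _ = encrypt_then_compress(data)
    return {
        "raw_bytes": len(data),
        "compress_then_encrypt_bytes": len(good),
        "encrypt_then_compress_bytes": len(bad),
        "good_ratio": len(data) / len(good),   # well above the 2:1 LTO-4 assumes
        "bad_ratio": len(data) / len(bad),     # about 1.0: no capacity gain at all
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:30} {value}")
```

The "bad" path is also slightly larger than the raw input, because deflate falls back to stored blocks and adds framing overhead when it finds nothing to compress.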
Consider software support for tape-based encryption.
Tape-based encryption is not an automatic feature. Applications
such as backup software must be able to support the drive's
encryption feature, but broad support from independent software
vendors (ISVs) may not appear until early 2008. In the near term,
storage administrators may find themselves in a quagmire: Either
forgo tape encryption until their backup software products are
updated to support the new drives, or forgo their existing backup
software in favor of the backup tools bundled with the drive.
Consider drive features that improve performance.
Tape-based encryption should have little (if any) noticeable impact
on drive or backup system performance. But the drive's features
should help mitigate any performance mismatch between the drive and
backup server. If the backup server is too slow and cannot stream
data to the tape drive continuously, the tape drive must stop,
reposition and start again. Such "shoeshining" is a common
behavior, but it can be detrimental to the tape drive and media.
Today's advanced tape drives offer large buffers and can adjust
their transfer rate and internal speed to match the server. HP
calls this feature data rate matching (DRM), allowing its tape
drives to dynamically adjust from 40 MBps to 120 MBps.
Weigh the importance of tape drive standardization. Not
all encryption-capable tape drives are fully compatible with the
capacity or compression levels called out in the LTO-4 standard.
For example, IBM's Tape Drive Express TS2340 specifically calls out
the LTO Ultrium 4 standard at 800 GB capacity and 120 MBps
throughput (uncompressed) and 1.6 TB capacity and 240 MBps
throughput (compressed). However, Sun's T10000 drive touts 500 GB
capacity and 120 MBps throughput (uncompressed) and promises up to
3-to-1 compression. Although tape cartridges that are written on an
LTO-4 drive should be readable on any LTO-4 drive, those tapes may
not be readable on non-standard drives (and vice versa). Encryption
should also be standard. For example, a tape encrypted in an LTO-4
drive should be readable in another LTO-4 drive as long as both
drives support LTO-4 and a suitable key is supplied.
Consider how the key is stored and used. A key is needed
to encrypt the data, but a key is also needed to recover the
encrypted data. This usually involves storing the key where it is
accessible to the tape. Some drives store the encryption key
directly on the tape, and the key itself is encrypted with public
key cryptography (asymmetric keys). This makes it possible to share
encrypted tapes between trusted partners or multiple data centers
without having to transmit keys. In other cases, the key is stored
in a dedicated "key management" appliance, and a key identifier is
placed on the tape. When that tape is read, the tape requests the
corresponding key from the appliance. Consider how the key
management system adds security to the organization, but also
evaluate the level of complexity, cost and the effect that any
future hardware changes or disasters might have on the key
management process.
Consider support for the operating system. New devices
typically require a corresponding device driver, so the addition of
an LTO-4 encryption-capable drive should also include a device
driver that supports the operating system on your backup server.
When considering a new drive, check to see if drivers are also
available for current/future operating systems. This will help to
ensure that the drive will continue to operate properly as
operating systems are upgraded into the future.
Consider support for WORM media. Data that is recorded
for long-term archival and compliance/litigation purposes may
require immutability -- meaning that the data cannot be deleted or
altered once it's written. Many current-generation tape drives
support write-once read-many (WORM) media. WORM media typically
uses memory on the tape cartridge and a unique encoding scheme to
prevent data tampering.
The tape-based encryption product specifications page in this
chapter covers the following products:
- Hewlett-Packard Co.; StorageWorks LTO-4 Ultrium 1840 Tape Drive
- IBM; System Storage TS2340 Tape Drive Express
- Quantum Corp.; LTO-4 HH Tape Drive
- Sun Microsystems Inc.; StorageTek T10000 Tape Drive
- Tandberg Data; LTO-4 FH (1640LTO) Tape Drive