Download - GED- i Ltd Storage Security
![Page 1: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/1.jpg)
GED-i LtdStorage Security
GED-i LtdStorage Security
GED-I Proprietary
www.ged-i.com +972 9 8651054 [email protected]
Securing Data Residing on Storage devices
and Data Transferred over IP Networks
![Page 2: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/2.jpg)
GED-I Proprietary
Why Encryption is needed ?
Regulations Cost of Data TheftSecurity Incidents
![Page 3: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/3.jpg)
GED-I Proprietary
Where Encryption is needed ?
Enterprise Data CenterDRP Site
Health Institutions
Financial Institutions
University Research Center
Government Defense
Bank
Remote Hosting
Merchants Payments Processors
ISP Site
![Page 4: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/4.jpg)
GED-i Products offeringData Encryption
GED-i Products offeringData Encryption
GED-I Proprietary
GDDS
GPDS
AIO - i AIO - FC
AIO - HA
Superior - i Superior - FC
Superior - HA
Personal Enterprise infrastructureEnterprise
Best Security
Entry level
Security
Department
![Page 5: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/5.jpg)
GED-i Products offeringNetwork Encryption
GED-i Products offeringNetwork Encryption
GED-I Proprietary
G4Crypt 100
Enterprise infrastructureEnterprise
Fast
Slow
Department
G4Crypt 300
G4Crypt 1000
![Page 6: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/6.jpg)
Data Security Layers
GED-I Proprietary
Network Network SecurityFW, VPN, IDS/IPS
Device: PC,Laptop,PDAAccess controlBiometrics, Smart Card..
Application Application SecurityPIN, DRM
Data Encryption In
vasion th
rough netw
ork
![Page 7: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/7.jpg)
GED-i LtdStorage Security
GED-i LtdStorage Security
GED-I Proprietary
Encryption of
STORAGE DEVICES
(SAN)
![Page 8: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/8.jpg)
GED-i High Availability SolutionGED-i High Availability Solution
GED-I Proprietary
GEM 2000(Element Manager)
Ethernet
FC / iSCSI
AES 256
Storage
Server
Clients
Clients
GSA 2000 EE (Encryption Engine)
GKS 2000 (Key Server)
#W~ZABCD
GSA 2000 EE (Encryption Engine)
![Page 9: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/9.jpg)
GED-i High Availability SolutionGED-i High Availability Solution
GED-I Proprietary
Ethern
et
Ethernet
GKS 2000 (Key Server) GEM 2000(Element Manager)
GSA 2000 EE (Encryption Engine)
GSA 2000 EE (Encryption Engine)FC / iSCSI
+ Scrambling + InterferenceAES 256
Storage
Server
Port 1
Port 2
Port 4
Port 3
Clients
Clients
![Page 10: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/10.jpg)
GED-i High Availability SolutionGED-i High Availability Solution
GED-I Proprietary Storage
Server
Clients
Clients
GSA 2000 EE Encryption Engine
GSA 2000 EE Encryption Engine
GEM 2000Element Manager
GKS 2000 Key Server
GSA 2000 EE Encryption Engine
![Page 11: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/11.jpg)
GED-I Proprietary
Storage
Direct Data Copy
Take and GoTake, Copy and Return
Digital Way
Direct Data Copy
Remote Data Copy
Physical way
Take and Go
Take, Copy and Return
Data Protection against….
Service level
Remote Data Copy
![Page 12: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/12.jpg)
GED-i Data Leak PreventionGED-i Data Leak Prevention
GED-I Proprietary
Storage
Server
Clients
Use of Personal Encryption Key
Storage data is Encrypted and NOT available
SELECTED Storage data is available to key holders only
to continue press Space Bar
Typical Link of End Users to Storage Device
Hiding Storage Data while using GED-i’s Encryption KEY solutionupon Encryption Key insertion Data becomes available to key holders group onlyupon Encryption Key removal Storage data becomes UNAVAILABLE again
GKS 2000 Key Server
TOTAL Storage Data Encryption while using GED-I’s solutionStorage data is Encrypted and
Available to End Users
ABCD?&#@
![Page 13: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/13.jpg)
GED-i High Availability SolutionGED-i High Availability Solution
GED-I Proprietary Storage
Server
Clients
Clients
GSA 2000 EE Encryption Engine
GSA 2000 EE Encryption Engine
GEM 2000Element Manager
GKS 2000 Key Server
GSA 2000 EE Encryption Engine
DRP
![Page 14: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/14.jpg)
GED-i High Availability SolutionGED-i High Availability Solution
GED-I Proprietary
Storage
Server
Clients
Clients
GEM 2000Element Manager
GKS 2000 Key Server
GSA 2000 EE Encryption Engine
DRP SiteGSA 2000 EE
Encryption Engine
![Page 15: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/15.jpg)
GED-i in Cloud ComputingGED-i in Cloud Computing
GED-I Proprietary
Storage
GSA 2000 EE Encryption Engine
GEM 2000Element Manager
GKS 2000 Key Server
Server Clients
User Site
Cloud Services at remote site
![Page 16: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/16.jpg)
GED-I Product LineGED-I Product Line
GED-I Proprietary
Superior Security
GSA 2000 - EE
GKS 2000
GEM 2000
High Security level Solution
External Key Server for multiple GSA 2000 - EE
Automatic High availability
All In One Security
GSA 2000 – AIO
GEM 2000
Solution in single appliance
Internal Key management
![Page 17: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/17.jpg)
GED-I Product LineGED-I Product Line
GED-I Proprietary
Superior Security GSA 2000 - EE
GKS 2000
GEM 2000
StorageServerGEM 2000
GSA 2000 - EE
• Best Security Solution
• Encryption engine
• External Key Server
• Automatic setup for High Availability
• AES 256
• Optional : Segmentation & Scrambling
GKS 2000
![Page 18: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/18.jpg)
GSA 2000 For SAN Configuration
GSA 2000 For SAN Configuration
GED-I Proprietary
Specification Highlights
Storage Security Appliance
Connection In-line
iSCSI interface
Fiber Channel interface
At least 2 ports of 1Gb
Wire speed
External & Remote Key Server
Invisible to user
Invisible to storage application
Invisible to storage device
![Page 19: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/19.jpg)
GSA 2000 For SAN Configuration
GSA 2000 For SAN Configuration
GED-I Proprietary
Key Technology Incorporates the algebraic AES, Segmentation and scrambling
key Ensuring an unmatched security level
Key Management Physical Gap between the security appliance and the encryption
engine Encryption keys are remotely stored on the key Server Key Server can be local or remotely deployed Keys are transferred to the security appliance only as needed
![Page 20: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/20.jpg)
GSA 2000 For SAN Configuration
GSA 2000 For SAN Configuration
GED-I Proprietary
Easy Deployment Plug and Play technology Appliance with no IP address No S/W installation on client, server or storage Self Learning Easy and fast disaster recovery
![Page 21: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/21.jpg)
![Page 22: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/22.jpg)
GED-i LtdStorage Security
GED-i LtdStorage Security
GED-I Proprietary
Network Encryption
Encrypting Data transmitted
between IT islands
![Page 23: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/23.jpg)
Encrypting Data transmitted between IT islands
Network Encryption
Encrypted IP Network
IPsec AES 256Public Network
ABCD
ABCD
%&^#
![Page 24: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/24.jpg)
Total Solution by GED-i
![Page 25: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/25.jpg)
Total Solution by GED-i
![Page 26: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/26.jpg)
Total Solution by GED-i
![Page 27: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/27.jpg)
G4Crypt Models
The G4Crypt is an encryption appliance available as desktop or 19” rack mountable device, providing encryption at rates of 100Mbs, 300Mbs and near 1Gbs.
• An encryption appliance• Desktop or 19” Rack mountable device• Encryption at rates of 100Mbs, 300Mbs and near 1Gbs.
![Page 28: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/28.jpg)
G4Crypt Models
Technical Specification
AES – FIPS 197 (256) CBC
X.509 v3 digital certificates
Pre-shared secrets
HMAC-SHA-1-96
Encapsulating Security Payload (ESP) Tunnel mode
Encapsulating Security Payload (ESP) Transport mode
Ethernet Encapsulated Security Payload
Ethernet link
IPv4
Easy Deployment
Plug and Play technology
No S/W installation
Specification Highlights
Ethernet Link
IPsec - Layer 3 IP packet encryption
AES 256 encryption
G4Crypt 100 for 100Mbs
G4Crypt 300 for 300Mbs
G4Crypt 1000 for near 1Gbs
Point to Point link
Multi Point to Point links
Transparent bridge
Appliance Technology
At least 3 Ethernet ports
Up to 1Gbs Ethernet port
Desktop version
19” rack version
Management
Simple to use
Reports and logging
![Page 29: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/29.jpg)
GED-i LtdStorage Security
GED-i LtdStorage Security
GED-I Proprietary
www.ged-i.com +972 9 8651054 [email protected]
Securing Data Residing on Storage devices
and Data Transferred over IP Networks
![Page 30: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/30.jpg)
GED-i LtdStorage Security
GED-i LtdStorage Security
GED-I Proprietary
Personal/Departmental Data Safe
Encrypting Data Resides on
Departmental servers
![Page 31: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/31.jpg)
Group 1 Existing Computers with
non-encrypted data
Ethernet-LAN
Private Or Joint Encryption key, required to decrypt the encrypted disk. Removed to prevent access to data
Local Disk Non-Encrypted data
Single groupsShared 5:1 Configuration
GDDS 2000
A+B+…+E
K(A)=K(B)=K(C)=K(D)=K(E)
B
C
D
A
E “Local Disk” with Encrypted dataShared data in shared disk Volume
Dedicated for GED-I’s encryption station
![Page 32: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/32.jpg)
Data Safe Personal
Computer
Ethernet-LANGPDS 2000
“}#%>?+[\ABCDE
Removed to prevent access to data
&$#{}[
Read with no Key
Read with Keys
Read with No Keys
GED-I’s solution for Personal Data Safe – GPDS 2000
1:1 Configuration
![Page 33: GED- i Ltd Storage Security](https://reader036.vdocument.in/reader036/viewer/2022062322/568143b7550346895db04385/html5/thumbnails/33.jpg)
Group 1 Existing Computers with non-encrypted
data
Ethernet-LAN
Disk-on key with thousands of keys required to decrypt the encrypted disk.
Removed to prevent access to data USB port
Local Disk Non-Encrypted data
Two Independent GroupsShared 5:1 Configuration
“Local Disk” Encrypted data
GPDS 2000
A
A+B+…+E B
EShared data in shared disk Volume
Z
K(Z)
W
V
K(W)
K(V)
V+W+…+Z
K(A)
K(B)
K(E)
Group 2 Existing Computers with non-encrypted
data
K(A)=K(B)=K(C)=K(D)=K(E
)
K(Z)=K(Y)=K(X)=K(w)=K(V
)