IBM Cloud Data Encryption Services Software defined data protection with built-in fault tolerance that is better, easier, and cheaper.

Highlights

Protect your company’s data with an

advanced data protection solution

Highly performant and scalable

FIPS 140-2 certified algorithm that

includes AES-256 encryption

Random cryptographic bit splitting adds

a second layer of data protection so that

a complete set of data is never stored

together in one place

‘M of N’ fault tolerance is built in, so

data is highly available

Works on existing infrastructure

Support data confidentiality and

regulatory compliance with ease

Data authentication prevents use of

altered data

IBM Cloud Data Encryption Services (ICDES) at a glance

Admin Interfaces Command Line Interface (CLI), Browser based Graphical User Interface (GUI)

API Support SNMP – Network Management KMIP™ – Key Management Interoperability Protocol

User Authentication LDAP, Active Directory® (AD), or Local (for administrators and individuals)

Admin Authorization User ID/Password, Server Key

Hardware Class X86 Class Server (AES-NI instruction support preferred for encryption acceleration)

Protectable Data Any directory(s) on the existing OS supported filesystem

Supported Share Storage “N” targets for share storage can go to any filesystem addressable by the server

Linux® (Red Hat® & CentOS™): 6.2 kernel version 2.6.220 (64 bit) or newer

Supported OS Microsoft Windows® Server: 2008 R2 & 2012 R2 (64 bit)

VMware® ESXi™: 5.1 and 5.5

Supported File Systems EXT3, EXT4, XFS

Data Encryption AES-256 (keyed by file)

Key Management

Built-in simplified key management. Encryption keys are encrypted, split and stored with data shares. Eliminates need for massive keystore. Only the server key needs to be secured. You control the server key and can store it away from server using a KMIP supported key server, like the IBM Security Key Lifecycle Manager (SKLM).

Cryptographic bit-splitting with physical separation of data shares

Additional Security Keyed Information Dispersal Algorithm (IDA)

Optional file name encryption using AES-256

Secure: 1:1, 4:4

Supported “M of N” Advanced Secure: 2:3, 2:4, 3:4, 2:6

Advanced Multi-Site: 4:6, 3:8 (4:10 is coming in 2015)

Optional Support Tools Two free support tools are offered for use with one or more ICDES installations: a Central Key Manager for remote storage of the server key and a Central Monitor

ICDES recommended server requirements

Minimum Recommended

Processor Intel / AMD 1.4 GHz (64-bit) Intel / AMD 2.3 GHz (64-bit) or better

Dual core processor Quad core processor

Virtualization Any host virtualization with VM running a supported OS

Minimum memory 4 GB 8 GB in addition to any required by other applications

Program Disk space 20 MB

File Storage disk space 20 GB Minimum; As desired up to maximum supported by server(s), Can be attached or networked storage.

Installer package space

Linux package: 300 MB (includes all available kernels)

Windows package: 16 MB

ESXi package: 550 MB (delivered as .ova file)

Network connection TCP/IP network connection over 10/100/1000 Mbps Ethernet

Dependencies

IP address, internet port access, www access

Optionally: Browser support (IE 10, FF 18 & Chrome 20 or newer) for GUI; External keystore, SNMP server, authentication server (LDAP/ AD)

© Copyright IBM Corporation 2015 IBM Corporation Global Technology Services Group Route 100 Somers, NY 10589 Produced in the United States of America January 2015 IBM, the IBM logo, ibm.com, SoftLayer and IBM Cloud Data Encryption Services are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Red Hat and CentOS are registered trademarks of Red Hat, Inc. in the United States, other countries, or both. Red Hat Enterprise Linux is a copyright of Red Hat, Inc. Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft, Windows, Active Directory and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. VMware and ESXi are registered trademarks of VMware, Inc. in the United States, other countries, or both. KMIP is a registered trademark of OASIS in the United States, other countries, or both. Other product, company or service names may be trademarks or service marks of others. Any performance data for IBM and non-IBM products and services contained in this document was derived under specific operating and environmental conditions. The actual results obtained by any party implementing such products or services will depend on a large number of factors specific to such party’s operating environment and may vary significantly. IBM makes no representation that these results can be expected or obtained in any implementation of any such products or services. This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.

marketplace.ibmcloud.com/apps/2461

i-c-d-e-s.com