Tintri SecureVM™
Real-time Data Security with No Impact on Application Performance
Security is top-of-mind for many organizations, especially in finance, government, defense and healthcare industries. There are often strict policy requirements or regulations to keep data secure at all times to protect against theft even during drive replacement or routine hardware maintenance.
Tintri’s® SecureVM™, provides the power to encrypt data at rest in real time, conforming to highest security standards to satisfy your toughest policy and regulatory requirements.
Tintri has partnered with Gemalto, makers of the leading external key management suite, SafeNet KeySecure. With KeySecure, easily lock down your data if one or more drives are stolen, or even if the entire array is compromised. Cryptographically lock your array (will not boot), simply by disabling key export in your Gemalto console. KeySecure uses the open platform KMIP, is FIPS 140-2 validated, and allows you to consolidate key management across heterogeneous storage and other secure appliances.
Safety
- External key rotation and security via Gemalto’s award winning KeySecure platform
- Data is encrypted inline using AES-256 bit algorithms without any impact on performance or capacity
- SecureVM works in conjunction with self-encrypting drives on Tintri VMstore storage platforms
- Inbuilt key rotation mechanism to manage keys and rotate keys on demand from the UI if the key is compromised for any reason
No Performance Impact
- No wait time before all data gets completely encrypted or “data outage period” that causes nightly script to crash
- Effective capacity remains the same
- No performance penalty for turning on encryption
Simplicity
- Turn on encryption of data at rest anytime to instantaneously meet your compliance regulations
- SecureVM is truly simple to activate and manage, just like you would expect from Tintri
- Tintri interface, single click key rotation saves time, and reduces complexity
Documentation:
Download the Tintri SecureVM Datasheet (PDF).