Contemporary Solutions for Data Archiving

Learn more about our products and services

Network Attached Storage (NAS) Technologies

Alliance Storage Technologies, Inc. (ASTI) Network-Attached Storage (NAS) solutions make management of archive appliance systems easy. Our solutions are designed specifically for data archiving and incorporate features that can substantially reduce business risks and costs. These regulatory compliant data archiving solutions are suitable for any business, organization, or industry with a requirement for archiving data securely over the long term.

NAS solutions differ from Direct-Attach Archive Libraries significantly. A NAS solution, commonly referred to as a NAS Appliance, is a complete storage subsystem, consisting of both hardware and software resources. This combined technology, facilitates the ability of heterogeneous clients to connect over the local area network to store and retrieve files. NAS can be included as part of a more sophisticated storage area network (SAN) system.

This eliminates the need, as with Direct Attached Libraries, for a separate server and storage management software to manage the library and present it to specific applications or users. NAS solutions utilize industry standard interfaces to provide standard access, eliminating customized integration needs.

NAS devices consist of an integrated server and hard disk storage that includes a multi-disk Redundant Array of Independent Disks (RAID) systems. NAS software can usually handle a number of network protocols including Microsoft's Common Internet File System (CIFS) and Sun Microsystems' Network File System (NFS) as well as any that have the ability to access a network file share.

NAS Storage is attached to a local area network (LAN) and assigned an IP address, allowing both application programming and files to be served faster because they are not competing for processor resources. NAS devices are usually configured with a web browser.


NAS Technologies - Standard Network Deployment

NAS solutions easily integrate with existing storage networks via Ethernet connection permitting standardization on a single network technology, with load balancing and failover capabilities. NAS devices operate in heterogeneous Windows & UNIX environments with support for the Common Interface File System (CIFS), Network File System (NFS), & File Transfer Protocol (FTP) protocols simplifying network management. Management utilities are able to reduce the management burden on storage administrators.

Network-attached storage can be a step toward and included as part of a more sophisticated storage system known as a storage area network (SAN).


NAS Technologies - Data Storage Compliance & Archiving in One Solution

The ASTI NAS solution provides a third tier of archive storage that elitefamilyeffortlessly integrates within existing networks. When static data is moved to the Archive Appliance’s high performance RAID storage file system, through the setting of comprehensive migration policies, data is automatically written to the archive tier, which consist of Ultra Density Optical (UDO®) media.

Archive management software provides for easy configuration and management of the entire network storage solution. Via virtualization of the RAID file system, unlimited growth is provided. Data can then be randomly accessed and dynamically retrieved at any time from RAID or UDO® media. This provides an integrated network storage solution that uses the latest technologies available.


NAS Technologies - Benefits

  • Worry-free Archiving with UDO Write Once Read Many media that preserves data unaltered for greater than 50 years.

  • Minimized Risks with regulatory compliant ISO standardized optical media that exceeds industry requirements - the data is there when it is needed, unaltered, and capable of being randomly accessed.

  • Reduced Operating Costs - once data is written to media it no longer requires a constant power source to maintain the data. Systems reduce overhead and operating costs by: minimizing the cost and frequency of data migrations through extended media life, removing static data from expensive primary and backup systems freeing up valuable resources, and lowering power, cooling and maintenance costs.

  • Decreased Administrative Costs - The easy-to-use robust Archive Management Software with GUI interface simplifies administration and offers easy-to-implement unattended monitoring - configure it once and let it run.

  • Conserves Technology Related Expenditures – substantially reduced need for system migrations and technology refreshes.

  • Low-Cost Disaster Recovery – automatically create multiple copies of media and store one copy offsite. Storage of off-lined media does not require special environmental conditions.

  • Scalability - As data storage requirements increase, libraries can be easily expanded within the same footprint offering investment protection through capacity expansions and "future proof" system upgrades.

  • Readily Available Support Services - one service contract covers multiple components.

  • Field Proven Robotics – incorporates state-of-the-art robotics for transporting media to and from drives. Dual media transport assemblies and auto calibration increase uptime and maximize productivity.

Where would you like to go from here?

Blu-Ray™ Technology

The Blu-Ray™ optical disc format was developed by the BDA (Blu-ray Disc Association Nonprofit Mutual Benefit Corporation). This group consisted of leading manufacturers including organizations such as: Hitachi, HP, JVC, Mitsubishi, Panasonic, Pioneer, Philips, Sony, and TDK. The format was driven more in support of high-definition (HD) video for the consumer market, but with its ability to store large amounts of data, is applicable to the professional markets such as data archiving.

Blu-Ray™ media, like UDO media, provides data authenticity for regulatory compliance or other applications where archived data must remain unchanged and authentic.

Origins

The technology’s name comes from the use of a blue laser which reads and writes data to the media rather than utilizing a red laser. This is the same type of technology employed previously with the UDO optical technology. The benefit of using a Blu-Ray™ laser (405nm) is that it has a shorter wavelength than a red laser (650nm). Combined with the change of the numerical aperture to 0.85, a much more accurate focal point is developed, allowing data to be stored closer together, providing major increases in capacity over other media such as CD’s and DVD’s. Blu-Ray™ media capacities that are available include 25GB, 50GB, 100GB and 128GB, providing an excellent storage medium for Data Archiving.

Dependant on the Blu-Ray™ disc manufacturer, different materials can be utilized to achieve varying results. Typically, Phase Change technology is utilized for recording on Blu-Ray™ BD-R Write-Once-Read-Many (WORM) media as well as Blu-Ray™ BD-RE (re-writable) media. In some cases, as with Verbatim™ media, BD-R discs utilize an inorganic recording material rather than the phase change alloys utilized in rewritable media which allows conversion between crystalline and amorphous states (differing reflectivity).

For more information on Phase Change technology, see UDO Technology

Where would you like to go from here?

Encryption Technology 

In today’s environment, the protection of sensitive data is imperative. Government and corporate compliance mandates are stiffening. HIPAA HITECH regulations now call for significant fines when personal health information is exposed, as well as public notification of such breaches. To protect sensitive data, encryption is the most effective way to achieve security. If data cannot be viewed then no breach can occur.

What is Data encryption?

Data encryption is the process of transforming plain text data (native format), using encryption algorithms and secret encryption keys, to an encrypted format (cipher text). To then utilize the data one must know the secret encryption key required to transform the data from cipher text to plain text.


Encryption Technology - Types of Encryption Keys based Upon Need

There are many varied data encryption solutions in the market today. One must consider the purpose and use planned when determining the best approach to be selected.

  • A-Symmetrical Encryption Keys:

    encrypta
    • On the following diagram on the right, an A-Symmetrical Encryption Key is utilized.In this case, a key pair (consisting of a public key and a private key) is utilized to encrypt and then decrypt the data respectively. This approach is very useful for sending data over email to secure data access. Keys are shared with other recipients requiring access to the data.
  • Symmetrical Encryption Keys:encryptb

    • Depicted in the following diagram, a Symmetrical Encryption Key is utilized. In this case, the same unique key is utilized to encrypt and later decrypt data. This is very useful with storage devices eliminating the need to make a public key accessible to users that need to view the data. With centralized servers in an enterprise environment, where user authentication is guaranteed, this greatly simplifies access to secured data.

Encryption Technology - What Encryption Features / Requirements are Important?

There are many data encryption solutions available. When evaluating an encryption solution for the protection of sensitive data, it is important that key features and certifications are present to ensure compliance, resiliency, security and disaster recovery.

  • FIPS 140-2 Compliant Encryption

    • Federal Information Process Standard (FIPS 140-2) is a U.S. government computer security standard used to accredit cryptographic modules. The title is “Security Requirements for Cryptographic Modules”.
    • Federal agencies and departments validate that the module in use is covered by an existing FIPS 140-2 certificate. As an example, ASTI’s encryption implementation is covered by Security Certificate #1747 under the Consolidated Certificate No. 0018.
    • The Cryptographic Module Validation Program (CMVP), a joint effort by the National Institute of Standards and Technology (NIST) and Communications Security Establishment Canada (CSEC) to ensure that encryption implementations adhere to the FIPS 140-2 standards.
  • AES-256 bit Encryption

    • The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST). AES has been adopted by the U.S. government and is now used worldwide. With AES, NIST selected three members of the Rijndael family, with three different key lengths: 128, 192 and 256 bits.
    • For data to be retained past the year 2031, AES-256 bit encryption is required. The 256-bit encryption requires the use of a 256-bit (32 characters) key, providing a stronger key more resistant to hacking via the use of supercomputers.
  • Encryption Modes

    • When implementing the AES-256 bit encryption, different encryption modes can be utilized. To protect data it is important that modes be utilized that protect all types of data from access or interpretation. As an example, the illustration shows an image that is encrypted using both Electronic Code Book ECB and Cipher Block Chaining (CBC) modes.
    • ASTI’s encryption implementation utilizes Cipher Block Chaining (CBC), to ensure that all data (such as images), are obscured from recognition or interpretation. Imagine in the above example if the subjects were classified satellite images, using ECB mode encryption would not protect disclosure of the data, hence making the encryption implementation ineffective.

penguinencrytdia


Encryption Technology - Enterprise-Grade Key Management

NIST Special Publication 800-57 Recommendations for Key Management outlines the recommendations for managing encryption keys. Management areas defined include the proper techniques and recommendations for the creation, protection and vaulting of encryption keys.

  • Encryption Key Creation: All encryption keys must be generated dynamically and not based on user inputs. Key creation should be accomplished via the use of generators available via the FIPS 140-2 certified solution, which ensure that these randomly generated numbers cannot be recreated and that all secret inputs utilized in the process are protected within the key generation process.

  • Encryption Key Protection: To protect the individual encryption keys utilized to encrypt each individual files, these encryption keys themselves must be encrypted using Symmetrical Encryption Wrapping Keys. Hence, all file level encryption keys cannot be used to access data without also having the Encryption Wrapping Key(s). Furthermore, the Encryption Wrapping Keys cannot be stored external to the system which ensures no one can access these keys.

Disaster Recovery and Key Vaulting

In the event of a disaster, where the operational system is disabled or destroyed along with all encryption keys, it is absolutely imperative that all encryption keys can be made available to reinstitute access to encrypted data. Without this ability, all access to this data will be lost forever.

The following must be made available to ensure continued access to corporate assets:

  • A Key Vault must be established, on-site and preferably off-site, on permanent protected resilient storage.
  • Keys must be committed to the Key Vault before ever being utilized to encrypt data.
  • Keys must be encrypted with Encryption Wrapping Keys on the Key Vault location.
  • Encryption Wrapping keys must be stored in a safe location (preferable in a vault) to ensure, in the event of a disaster, they can be made available to recover the file level encryption keys when restored from the Key Vault.

ASTI’s encryption feature provides for multiple options in the storage of encryption keys and adheres to these principles.

Where would you like to go from here?

 

Customer Testimonials

Read what our customers are saying about us.

Sangamon County Ciruit Clerk's Office

“Our major issue was time lost chasing documents. With the implementation of the archive solution, retrieval times went from DAYS to SECONDS.”
Tony Libri, Sangamon County Circuit Clerk

Southeast Louisiana Veterans Health Care

“We had to determine what information was retrievable among the absolute chaos of the first week after Katrina…We were able to recover all of the patient images off the Plasmon libraries…We are now primarily using the Plasmon’s UDO Archive Appliance for its long-term recoverability.” – Kenneth Allen, Health Systems Specialist

AGFA Healthcare

“Ensuring that we could provide a PACS archive solution that helps customers meet HIPAA compliance at a reasonable cost was a critical requirement. This was guaranteed with the performance, longevity, and authenticity of the UDO Archive Appliance.” – Lenny Reznik, Director Enterprise Imaging and Information, Agfa Healthcare.

 

Login