Disk Encryption

Product Overview

As the impact of data security breaches on organizations continues to escalate, the need for additional protection mechanisms grows. A significant security breach can cause an organization to face significant costs, loss of customers and revenue, a tarnished reputation, and even management changes.

Disk Encryption is designed to provide another layer of data security and help you protect sensitive data stored on encrypted disks from unauthorized access and tampering. Data on an encrypted disk is unreadable if the disk is lost, stolen, or decommissioned.

The Disk Encryption product is server-based and operates under the control of the ClearPath MCP operating environment.

General Features

Disk Encryption provides the following features:

  • Disk Encryption supports VSS-2 and VSS-3 disks. With the MCP Firmware level 45.0 or later, this includes support for emulated disk units (also known as logical disks) in addition to physical disks.

  • You can use Disk Encryption to encrypt all or some of the disks, including halt/load disks, used by your ClearPath MCP server.

  • When you encrypt a disk, all data on that disk is encrypted.

  • Encryption is fully transparent to applications. Data written to an encrypted disk is automatically encrypted when written, and decrypted when read by an application.

  • Encrypted disks can be re-encrypted with a different key.

  • Encryption keys are created, managed, and stored securely in the ClearPath MCP operating environment. The same key can be used for multiple disks.

  • You can backup and restore the encryption key store. You can merge key stores from multiple systems to facilitate the movement of disks from one system to another.

  • Disk Encryption uses XTS-AES-256 encryption.

Configuration Requirements

Software

Operating Environment Encryption Option

Hardware

All supported ClearPath Libra and Financial Series systems.

All supported ClearPath MCP Software Series systems running Release 3.0 or later.

Note: Refer to the ClearPath MCP Software Series Compatibility Guide for information on Intel CPU requirements for your ClearPath MCP Software Series system.

Ordering Information

ClearPath

The ordering style for Disk Encryption is CSP 10nn-DKE, where nn represents performance groups 10 through 160 (in increments of 10).

Source code is not available for this product.

Product Information

Refer to the following documents for more information:

  • Security Overview and Implementation Guide (8205 7498)

  • Security Center Help (4310 9263)

  • System Commands Reference Manual (3826 5419)

  • System Log Programming Reference Manual (8600 1807)

  • System Messages Support Reference Manual (8600 0429)

Prev  Up  Next
Security  Home  Lightweight Directory Access Protocol (LDAP)