Discussing all things virtualization and storage in the data center.

Greater levels of security in a DoD project

I noticed the following link while checking out this website:

http://www.eweek.com/article2/0,1759,2156384,00.asp?kc=EWRSS03129TX1K0000606 ;

The article heading is:  IT Giants Collaborate on DOD Security Project.  I got all excited about this hoping that it would actually mean something.  I would suggest that government departments/agencies are amongst the leading purchasers of high end storage systems and this has always created issues.   I am sure we have all heard of what's under Fort Meade.

Government tends to deal with classified data in some way of another and I am still waiting for someone to say that storage systems including SAN switches can share different classifications.  This is normally regulated by some agency that looks at the vendors equipment for a (sometimes considerable) fee to say yes they can be used.  If not, then you can't use them for certain things.

Cisco and Brocade have not done this testing as far as I know and if I want to have different classified data in the SAN, I have to use SAN islands.  HDS are in a similar position where the storage can't be shared if different classifications are used.  I don't use EMC so I can't comment on that.  I am not talking about highly classified and extremely sensitive information that could cause major damage to the government.  Simple things like tender information or government policy fall into this category.  Well, they might be simple to me but I am sure some organisations might feel different about that but there is so much corruption around, it probably does not make any difference.

So, wouldn't it be terrific it we could share some level of classified information in a "normal" SAN.  The link did not discuss the DoD project but I would be willing to bet my house on this being an unclassified or perhaps restricted business venture.  If the US DoD is allowed to share classified data probably up to at least the Confidential level in the same network/SAN, then I guess that Cisco and EMC have done something to make whatever agency that puts out policy on this feel good about it all.  Microsoft.. well,  I won't go there.  We all know the track record of their products.

I would like to see Cisco VSAN's and HDS Virtual Partition Manager certified for different levels of classification (at least to the Confidential level but higher would be good) and if their security is so bullet proof as they like to claim, then lets see them do it.  Each company says that there is hardware enforcement in those products.  I know that each country has its own policy on this and even if the US said it was ok, other governments like Canada and North Korea would have a different view.  But at least the foundation would be in place.  You never know, it probably would give them the edge when competing for business.  Just imagine Biometric identification to log onto Storage Navigator or Cisco Fabric Manager... Heck, I know thumb drives that can do that..

But then again, two USP 600's probably gives a better commission to the sales guy than one USP 1100.   Anyway, you know what I mean.

Microsoft and security.. good one.  It will give me something to chuckle about for the next week or two.  Ohhh.. that's why islands are so popular.

Stephen

comments powered by Disqus