Object Storage: S3 API and Security

Good post by Chris M Evans (thank you)

In the first post in this series on the S3 API, we looked at some general background information describing Amazon’s Simple Storage Service and the wealth of features it offers.  In this post we dig deeper into the way in which security features are implemented in S3.  The security aspects covered will include controlling access to data in S3; we’ll discuss the security characteristics of data at rest and in flight in another post.

Read on here

Synology DiskStation DS1515+ Review

Post by Tucker Mindrum (thank you)

Synology’s new DiskStation DS1515+ is a 5-bay NAS that houses up to 30TB of raw storage, a quad-core 2.4GHz CPU, and up to 6GB RAM (with upgrade). It was designed for demanding use-cases and serves reported transfer speeds of 450MB/s and 396.5MB/s (read and write, respectively). Like many of Synology’s offerings, it also prioritizes security, providing AES-NI encryption with very little decrease in read speeds, in addition to a suite of other features. Each DS1515+ server is scalable up to 90TB (with two Synology DX513 expansion units), and multiple DiskStation servers can be consolidated through Synology’s Central Management System (CMS) for enhanced administrative efficiency. Account integration is easily done thanks to support for Windows AD, LDAP, and Domain Trust.

Read on here

Fabric Security

Post bc Erwin van Londen (thank you)

This topic is hardly ever touched when fabric designs are developed and discussed among storage engineers but for me this always sits on my TODO list before hooking up any HBA or array port. It is as important in the storage world as it has been in the IP networking sector for decades. Historically the reasoning to not pay attention to this topic was that the SAN was always deeply embedded in tightly controlled data-centres with strict access policies. Additionally the use of fibre-optics and relatively complex architectures to the storage un-inaugurated even more, unfairly, devalued the necessity of implementing security policies.

Read on here

Two New TS7700 Documents now on Techdocs

Information

News

Abstract

New to Techdocs:
IBM TS7700 Virtualization Engine LDAP Security – Introduction to Access Management
IBM® Virtualization Engine™ TS7700 Release 3.1 Performance White Paper

Content

IBM TS7700 Virtualization Engine LDAP Security – Introduction to Access Management

The following URL link(s) will show you the document:

http://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP102422

IBM® Virtualization Engine™ TS7700 Release 3.1 Performance White Paper


The following URL link(s) will show you the document:
http://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP102421

IBM TS7700 Virtualization Engine LDAP Security – Introduction to Access Management

Information

With system firmware level R1.7, released June, 2010, the IBM® TS7700 Virtualization Engine introduced support for LDAP security. TS7700 firmware level R2.0, released June, 2011, enhanced the implementation to include login restrictions for IBM service access.

With support of LDAP authentication, IBM provides the customer with the ability to effectively manage access to TS7700 systems. With LDAP support enabled, any user that attempts to access the TS7700 must pass authentication by the external, customer managed, LDAP server, rather than being authenticated by the storage system itself.

TS7700 firmware level R3.0, released November, 2012, enhanced the LDAP implementation to include support for direct communication with Microsoft Active Directory.

Get the Document here

IBM Tivoli Storage Manager Password Integration with LDAP and Microsoft AD

This video shows TSM 6.33 – 6.4 password integration with LDAP and Microsoft Active Directory. It explores how to setup and use this new feature.