alexscg
April 20th, 2007, 03:40 PM
Hi,
I am somewhat new to sequrity issues and have a project to be done.
The setup is: A standard LAN with a server, no local back-up only internet back-up, a buch of workstations, a router and a switch. Everyone runs Win XP Pro except Server, that runs W2k3 Enterprise Server.
The goal: I would like to put hardware encryption on the server RAID, retaining internet back-up capability and keeping the backed up files non-encrypted while doing all of that totaly transparent to users (not in terms of installation, but in terms of their daily operations). I also need a USB key that if removed (or not present at boot) will not allow access to the hdd data in unencrypted form. I need something strong enough that will swart any professional data recovery shop. I also don't care about user workstations much since they don't have (or at least shouldn't) any data on them.
My questions: Please recommend a general solution, a specific solution, and why you think its better then its competitors. I also want to know if it is in fact possible to have a hardware encrypted hdd and also perform an unencrypted internet back-up.
I have googled to see what I can come up with, and here are a few potential candidates:
this is a card that goes between raid controller and hdds
http://www.rocstor.com/index.cfm?fuseaction=products.dspsecuresataraid
some kind of a security network applience
https://www.ingrian.com/products.html
I am not sure how the applience will work for me and how involved it is, but the in-between card seems like a very fitting solution.
If there are other schemes, technologies, products that will accomplish what I need I would love to hear your thoughts.
Thanks
I am somewhat new to sequrity issues and have a project to be done.
The setup is: A standard LAN with a server, no local back-up only internet back-up, a buch of workstations, a router and a switch. Everyone runs Win XP Pro except Server, that runs W2k3 Enterprise Server.
The goal: I would like to put hardware encryption on the server RAID, retaining internet back-up capability and keeping the backed up files non-encrypted while doing all of that totaly transparent to users (not in terms of installation, but in terms of their daily operations). I also need a USB key that if removed (or not present at boot) will not allow access to the hdd data in unencrypted form. I need something strong enough that will swart any professional data recovery shop. I also don't care about user workstations much since they don't have (or at least shouldn't) any data on them.
My questions: Please recommend a general solution, a specific solution, and why you think its better then its competitors. I also want to know if it is in fact possible to have a hardware encrypted hdd and also perform an unencrypted internet back-up.
I have googled to see what I can come up with, and here are a few potential candidates:
this is a card that goes between raid controller and hdds
http://www.rocstor.com/index.cfm?fuseaction=products.dspsecuresataraid
some kind of a security network applience
https://www.ingrian.com/products.html
I am not sure how the applience will work for me and how involved it is, but the in-between card seems like a very fitting solution.
If there are other schemes, technologies, products that will accomplish what I need I would love to hear your thoughts.
Thanks