The Pipeline

Data libraries get built-in encryption
When agencies store and back up data, they must use encryption to adequately protect it from hackers and other threats. Data libraries encrypt data via an external device or by integrating the capability.

Spectra Logic recently announced the first two libraries in the company’s product line to feature integrated encryption, the T120 and the T950. These libraries are the first on the market to offer integrated 256-bit Advanced Encryption Standard technology.

“There is no need to purchase additional hardware to be able to encrypt your data,” said Brian Grainger, director of Spectra Logic Federal. “Customers can back up and encrypt data in one library, with one purchase order, one vendor and one service-level agreement. That means fewer people must enter the federal data center, which is typically highly protected.”

Users can manage the encryption using the library’s standard interface, resulting in a single point of management for encryption and the tape library. They can also manage the library remotely and securely through the library’s color touch screen and optional remote management secured via Secure Sockets Layer.

The T120 can store as much as 655 terabytes of data, and the T950 can store as much as 1,235 terabytes of data in a single library frame.

Administrators can stack as many as four T120 frames, and the system can handle more than 500 tapes with a mix of media types, including Linear Tape-Open (LTO) and Super Advanced Intelligent Tape (SAIT).

The T950, meanwhile, offers high storage density and supports any mix of LTO, SAIT, Super Digital Linear Tape and Removable Exchangeable TeraPack Redundant Array of Independent Disks. You can expand the T950 to five frames for storage of as much as a mind-boggling 8 petabytes — that’s 1,024 terabytes — of data using SAIT.

Spectra Logic plans to include 256-bit AES encryption in its entire line of libraries in the future.

Test your network’s mettle
If you installed a new deadbolt, you wouldn’t consider the job done until you locked it and tried to open the door to make sure it worked.

Likewise, network administrators must constantly test their networks to look for security holes and other possible vulnerabilities to viruses, worms, spyware and other threats.

The SAINTexploit penetration testing tool is a new software product from SAINT that takes vulnerability evaluation a step further than other products by exploiting the vulnerabilities it finds on a network.

According to the company, it’s the first product to do so, integrating vulnerability assessments and penetration testing into one package. Users will no longer have to hire consultants to perform network penetration tests, company officials said.

SAINTexploit is fully automated. It examines potentially vulnerable services, exposes points where an attacker could penetrate the network and exploits vulnerabilities to prove their existence.

The tool fully integrates with vulnerability assessment scanners and SAINT’s product suite. It also features a multiplatform exploit library with updated information about the latest known vulnerabilities, a Web site emulator and an e-mail forgery tool.

In addition, SAINTexploit can run exploits on demand and view file systems on exploited targets. If the product successfully exploits a vulnerability, it provides recommendations and tools that administrators can use to fix the problems.

The launch of SAINTexploit corresponds with the release of the SAINT Scanner 6.0 vulnerability assessment tool. The product features comprehensive vulnerability tests, a Web-based interface and full integration with SAINTexploit.