Home > Products > Bloombase StoreSafe

Bloombase StoreSafe - FAQ

Why do I need to encrypt my files?

Corporate financial data, human resource information, customer personal particulars, product pricing and quotations, confidential contracts and decisions, as well as intellectual property (IP) constitute digital assets of an enterprise. These invaluable corporate assets exist as persistence data in enterprise storage systems in form of files. Statistics have shown that the more efficient the corporate perimeter control, the higher chance an enterprise suffers from insiders' attack.

System administrators and operators get hold of super user access to any system of an enterprise and are able to reveal any confidential contents on disks and tapes. Other contributing factors including storage consolidation, disaster recovery (DR), backup, replication and outsourcing increase chances secret data get exposed to unauthorized third party. Electronic intrusion and poor management of backup media logistics and storage worsen the problem.

To combat the security threat of sensitive data exposure, the most efficient strategy from old school technical literature suggests encryption. Data encryption is the turning-gold-into-rust process by use of complex mathematical operations. Encrypted, or ciphered data exist as garbage to unauthorized accessers and to reveal the true contents, one can only proceed to exhaustively undo the cryptographic operations by ad-hoc try-an-error method, and such random and brute-force hack are generally considered computationally impossible. Data encryption is a computational intensive task which is not suitable for general purpose business systems and is not welcomed by existing production applications. By far, even though there are encryption products that take the forms of utilities or toolkits, none has made the attempt to operate on operational files and transparently encrypt and decrypt contents on-the-fly. Major technical challenges for secure key management, scalability, portability, platform support and storage support.

Spitfire StoreSafe is a ground-breaking storage protection product for enterprise data encryption. It is a high performance hardware appliance operating on network layer, gaurantees to support all application and storage platforms and excels amongst software-based peers.


Our storage systems have NAS, SAN and tape drives, does Spitfire StoreSafe support?

Spitfire StoreSafe is a family of hardware appliances with dedicated models suitable for NAS, SAN, DAS and tape storage systems. They are all built upon the same carrier grade organizational proven Spitfire Security core which combines international accepted and NIST certified secure cryptographic ciphers together with the high performance hardware/ASIC based cryptographic engine.


Our system is mission critical, how Spitfire StoreSafe addresses high availability?

Spitfire StoreSafe is network-based appliances. For customers having concern on scalability or high-availability, they can multiplex Spitfire StoreSafe appliances for load-balancing and failover for ever increase storage requirements and gaurantee storage service level.


How does Spitfire StoreSafe affect our backup and restore procedures?

Unlike partition/volume-based encryption products, Spitfire StoreSafe protected files remain as normal files in storage systems. Backup and restore utilities SHOULD work directly on storage device without passing through Spitfire StoreSafe. Thus, backup data remain encrypted in their natural form and secure.


What encryption standards does Spitfire StoreSafe adopt?

Spitfire StoreSafe supports the following encryption standards which are safe and strong

  • NIST FIPS-197 AES encryption and decryption
  • NTT/Mitsubishi Camellia encryption and decryption
  • NIST FIPS-46-3 3DES encryption and decryption
  • CAST5, RC2 encryption
  • 512/1024/2048-bit long X.509 asymmetric key
  • Data obfuscation and bit shuffling


We have our own proprietary cryptographic cipher, can Bloombase customize Spitfire StoreSafe for us?

Spitfire StoreSafe is built upon Spitfire Security Platform which is a flexible framework for plug-ins. Customers can code their own ciphers and plug-in to Spitfire appliances to enjoy proprietary flavors. Bringing total solution to our valued customers is one of our key missions of our business, customers are free to contact our solution service arm to discuss your customization requirements.


Why hardware appliance?

Cryptographic taks are computational and resource intensive mathematical operations which are not welcomed by most business systems. General purpose microprocessors are not designed specifically for cryptographic work. To ensure shortest processing latency and best throughput, Spitfire StoreSafe takes a hardware appliance approach with ASIC acceleration to push security operations to wire-speed.


How Spitfire StoreSafe encryption slows down our storage system?

No performance impact for plain files and resources in Spitfire StoreSafe-protected storage systems. Encrypted files access differs from plain files by fractions of milliseconds. Spitfire StoreSafe appliances are equipped with fiber-channel and network interface that operate on gigabit order of speed serving protected storage as if they are in plain in wire-speed.


What operating systems do Spitfire StoreSafe support?

Spitfire StoreSafe operates on TCP/IP, fiber-channel SAN and SCSI storage protocols which are industry communication and storage standards adopted by all operating systems.



Secure Your Data Now

Protect your data with Bloombase transparent encryption.

Bloombase Demonstrations

See how Bloombase protects your digital assets.

Bloombase SupPortal

Get technical support from Bloombase Supportal and Knowledgebase.