The Brocade FS8-18 Encryption Blade is a 16-port 8 Gbps blade for the Brocade DCX Backbone family that provides up to 96 Gbps of disk encryption processing power and up to 48 Gbps of compression processing power for tapes, and is FIPS 140-2 Level 3 validated. A high-speed, highly reliable hardware device, the Brocade FS8-18 delivers fabric-based encryption services that allow organizations to secure their data to meet regulatory and internal compliance requirements.
|Fibre Channel ports||16 ports; F/FL/E/EX/M ports|
|Ethernet ports||Two redundant 1000BaseT Ethernet ports for clustering|
and I/O synchronization during rekeying operation
|Smart cards||Master key recovery, quorum authorization, and system recovery operations|
|Compression for tape||Hardware-based data compression prior to encryption|
|Encryption modes||IEEE 1619 standard-based mode (disk and tape)|
DataFort-compatible mode (disk and tape)
|Data rekeying||Online or offline conversion of data from cleartext to ciphertext; manual or automated rekeying sessions; support for thin provisioned LUNs (check encryption interoperability matrix for support details)|
|Crypto scalability||Up to 256 target devices and initiators per encryption engine|
|Crypto engine||Maximum 96 Gbps hardware processing for disk*|
Maximum 48 Gbps hardware processing for tape with compression*
|Fibre Channel performance||1.063 Gbps line speed, full duplex; 2.125 Gbps line speed, full duplex; 4.25 Gbps line speed, full duplex; 8.5 Gbps line speed, full duplex; auto-sensing of 1, 2, 4, and 8 Gbps port speeds; optionally programmable to fixed port speed; speed matching between 1, 2, 4, and 8 Gbps ports|
|System scalability||Up to four Brocade FS8-18 blades per Brocade DCX Backbone family chassis|
|ISL Trunking||Frame-based trunking with up to eight 8 Gbps ports per ISL trunk; up to 64 Gbps throughput per ISL trunk|
|Maximum frame size||2112-byte payload for Fibre Channel|
|Classes of service||Class 2 (unencrypted traffic), Class 3, (encrypted and unencrypted), and Class F (inter-switch frames)|
|Data traffic types||Fabric switches supporting unicast, multicast (255 groups), and broadcast|
|Media types||8 Gbps: Utilizes Brocade hot-pluggable SFP+, LC connector; Short-Wavelength Laser (SWL); distance depends on fiber-optic cable and port speed|
|Fabric services||Simple Name Server (SNS), Registered State Change Notification (RSCN), NTP v3, Reliable Commit Service (RCS), Dynamic Path Selection (DPS), Brocade Advanced Zoning (default zoning, port/WWN zoning, broadcast zoning), N_Port ID Virtualization (NPIV), FDMI, Management Server, FSPF, Enhanced Group Management, IPFC, Frame Redirection, Port Fencing, BB credit recovery, Bottleneck Detection, Adaptive Networking (QoS, Ingress Rate Limiting, Traffic Isolation, Fabric Dynamics Profiling|
Optional fabric services: Monitoring and Alerting Policy Suite (MAPS), Flow Monitor, Fabric Watch, Extended Fabrics, ISL Trunking, Advanced Performance Monitoring, and Integrated Routing
|FIPS certification||FIPS 140-2 Level-3 Validated Cryptographic Module|
|Administrator roles||Administrator, fabric administrator, security administrator, recovery officer|
|Key management||NetApp Lifetime Key Manager (LKM); SafeNet KeySecure k460; RSA Data Protection Manager (DPM) Appliance; HP Secure Key Manager (SKM)/Enterprise Secure Key Manager (ESKM); Thales e-Security keyAuthority (TEKA); IBM Tivoli Key Lifecycle Manager (TKLM); Brocade KMIP-compliant client for supported key management systems|
|Size||Width: 3.60 cm (1.41 in.)|
Height: 41.11 cm (16.19 in.)
Depth: 27.98 cm (11.02 in.)
Occupies one slot in a Brocade DCX Backbone chassis
|System weight||5.5 kg (12.0 lb) without SFPs|
|Temperature||Operating: 0 to 40° C (32 to 104° F)|
Non-operating: −25 to 70° C (−13 to 158° F)
|Altitude||Operating: Up to 3000 meters (9842 feet)|
Storage: Up to 12 kilometers (39,370 feet)
|Shock||Operating: 20 g, 6 ms half-sine|
Non-operating: half sine, 33 g 11 ms, 3/eg Axis
|AC input range||40 to 50 VAC|
|Maximum power||235 watts|
|Base crypto model||Brocade FS8-18 Encryption Blade: 16 Fibre Channel ports, 48 Gbps* maximum encryption processing|
|Crypto engine performance upgrade||96 Gbps* maximum disk encryption processing upgrade for all Brocade FS8-18 Encryption Blades in a Brocade DCX Backbone family chassis|
* Actual encryption performance levels vary based upon user configuration and environment.
This Encryption Best Practices Guide is designed to help customers and partners architect and design Brocade encryption solutions to maximize system performance, minimize administrative overhead, and mitigate the possibility of operational disruptions.
Details how for medium- to large-sized enterprise data centers, adoption of fabric-based encryption often proves to be a more affordable option than LTO-4 tape drive-based encryption based on Total Cost of Ownership (TCO).
HP StorageWorks Secure Key Manager with Brocade Encryption Solutions
Brocade encryption solutions with the Thales Encryption Manager for Storage combine to protect data stored on disk and tape. Thales and Brocade have qualified products to deliver a seamless solution for data-at-rest encryption.
A professional security analysis by Digital Resources Group (DRG) demonstrating how Brocade encryption solutions help companies secure cardholder data and comply with the Payment Card Industry Data Security Standard (PCI-DSS).
New features in Brocade Fabric OS 7.0 help increase SAN security in enterprise environments to better protect sensitive data.