Array Performance and Data Protection
1839193 Members
4319 Online
110137 Solutions
New Discussion

Any options for encrypting replication data?

 
SOLVED
Go to solution
Chris Wilkins_1
New Member

Any options for encrypting replication data?

I am interested in encrypting the replication data in order to protect it in transit. Anyone have ideas for accomplishing this?

5 REPLIES 5
ajay59
Occasional Advisor

Re: Any options for encrypting replication data?

Hi Chris,

VPN encryption seems to be a common solution for protecting replication traffic.

Chris Wilkins_1
New Member

Re: Any options for encrypting replication data?

We are planning to create a VPN tunnel between our primary and secondary Nimble units. I was hoping to hear the approach taken by other Nimble customers.

franku72
New Member

Re: Any options for encrypting replication data?

Hi Chris,

We use OpenVPN for tunneling: It's fast, free and relatively easy to setup. Currently we are also using dark fiber to a remote location.

You could probably also use VLAN's if your data stays locally ?

Regards,

Frank Uittenbosch

Not applicable

Re: Any options for encrypting replication data?

We are using an IPsec vpn tunnel between our Palo Alto Firewalls and replicating traffic across it.

benwatson87
Valued Contributor
Solution

Re: Any options for encrypting replication data?

Our customers almost all use external [to the array] VPN-encryption, which I'd say is probably the best/easiest way to do this if required. Encrypting packets for replication is a fairly arduous process, and although some platforms offer this I'd rather my storage array handles I/O particularly when there are viable alternatives.

However, once the initial replication is complete (perhaps using a local replica for the bulk transfer of data), is there actually any need to encrypt replicated deltas? Thinking about it, we're replicating compressed, changed blocks only from a custom-designed/implemented filesystem. One for the Nimble engineering team perhaps...