Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:00 AM

Hifn Hitches Storage to Security

Vendor boils encryption and iSCSI SANs into a hardware/software combo

6:00 PM

By James Rogers
News Editor, Byte and Switch

Hifn is looking to encrypt data at rest by fusing iSCSI SAN software with data acceleration cards, aiming the combined solution at storage OEMs.

Launched last month, the DR 250 and DR 255 acceleration cards -- basic building blocks of the new solution -- contain AES 256-bit encryption and are designed for VPN vendors looking to speed up their wares.

“We have been using [the cards] in the communication space; now we’re using them in the storage arena,” says John Matze, Hifn’s vice president of business development, explaining the recent decision to bundle the cards with Hifn’s Swarm iSCSI software. “We’re putting security on our iSCSI targets. As the data is written to disk, we encrypt it, so all the data is encrypted in case the system is lost or stolen." The bundle is geared toward “your typical tier one and two” storage OEMs.

Matze confirmed that the vendor is in discussions with a number of potential OEM partners, but was unwilling to name any of the firms involved. ”I am allergic to orange jumpsuits,” quipped the exec, but he added that the software/hardware bundle will eventually be targeted at end-users looking to lock down data in branch offices.

FalconStor, Sepaton, and HP already OEM adapter cards from Hifn, and Cisco OEMs the vendor’s network processing chips.

This could be a shrewd move, according to Ben Woo, vice president of enterprise storage systems research at analyst firm IDC: “One of the things that we have recognized is that the mid-market has finally opened its eyes to the benefits of storage networking. Having security through something like encryption becomes paramount.”

Hifn’s iSCSI SAN rival LeftHand Networks also offers encryption on its flagship SAN/IQ offerings, although this is software-based, unlike the Hifn accelerator card, which contains a security processor.

”Software encryption comes with a performance overhead,” says IDC’s Woo, explaining that it makes sense to shift this work to a piece of silicon. “At the end of the day, encryption is a compute-intensive activity -- if you can offload that somewhere else, then you leave the rest of the computer to do something more interesting or more valuable.”

Hifn’s Swarm software, which is based on technology from the vendor's acquisition of Siafu last year, was previously sold as part of an appliance, something which Matze feels limited Hifn’s OEM opportunities.

”I am not going to sell a hardware box to HP, for example,” he says.

Opening up new routes to market will certainly be easier said than done, according to IDC’s Woo.

The big challenge is ‘Hifn who?’” he says, explaining that the vendor lacks name and brand recognition. “Even where they do have brand recognition, they are recognized as a component provider, not as a solution provider.”

Hifn’s storage/security bundle is available now, priced from $4,995.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.

  • Cisco Systems Inc. (Nasdaq: CSCO)
  • FalconStor Software Inc. (Nasdaq: FALC)
  • Hifn Inc. (Nasdaq: HIFN)
  • Hewlett-Packard Co. (NYSE: HPQ)
  • IDC
  • LeftHand Networks Inc.
  • Sepaton Inc.
  • Siafu Software LLC


    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 7/6/2020
    Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
    Stephen Ward, VP, ThreatConnect,  7/1/2020
    Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
    Derek Manky, Chief of Security Insights and Global Threat Alliances, FortiGuard Labs,  7/2/2020
    Register for Dark Reading Newsletters
    White Papers
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2020-07-07
    An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
    PUBLISHED: 2020-07-07
    Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
    PUBLISHED: 2020-07-07
    A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to res...
    PUBLISHED: 2020-07-07
    Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.
    PUBLISHED: 2020-07-07
    A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user su...