Enova® SecureIDE RAID is an encrypted bridge board that connects between the generic RAID controller and the IDE UltraDMA disk drives, offering 133MB/sec real-time hardware encryption speed to all the connnected RAID hard drives.
Enova® SecureIDE RAID contains two (2) or four (4) Enova® Technology X-Wall® XO-128 (or XO-192) cryptographic bridge chips that are capable of delivering 133MB/sec bursting to all connected RAID hard drives. Operation of encryption and decryption is totally transparent to users. Look below Gartner's note on hardware security:
“Hardware is also not invulnerable to attack, but it generally requires much more sophisticated attackers with larger budgets than those that typically succeed against software-only security options. When information is sensitive, valuable or ‘must be trusted not to change’, hardware has to be part of the solution.” * Gartner Research Note COM-16-5309, 10 June 2002: “Software Security is Soft Security: Hardware is required”
There isn't any performance degradation because of operations of encryption and decryption. All disk contents including Operating System, boot sector, and temp./swap files are strongly encrypted using NIST & CSE certified TDES 128-bit or 192-bit hardware algorithms.
The Enova® SecureIDE RAID does not require any special device drivers nor does it depend on Operating System. It is compatible with all known operating systems as long as your generic RAID controller supports them all. The PCI interface only offers the required power, ground and support to the Enova® SecureIDE RAID.
All RAID disk drives share the same Secure Key which is provided via an external key token connected through an extension cord to the Enova® SecureIDE RAID for key insert. The key token serves as user authentication for access control while the X-Wall XO-128 ASIC encrypts and decrypts. The X-Wall XO-128 design allows users to remove the key token after the connected RAID hard drives have been properly recognized by the OS. The "Secure Key" is transmitted into the microchip at boot up via a hardwired protocol and is retained in protected volatile memory inside the chip until the power is turned off. The same key token has to present again during next power on or resume from hibernation state. The security is greatly enhanced because 1) the Secure Key disappears when the power is down and 2) the data can not be read, because no one can find the Secure Key by electronic means.
As illustrated in Figure 1, the regular RAID connection without encryption. All disk drives maybe connected directly to the generic RAID controller which also supplies required device drivers under various operating systems. The generic RAID configuration relies heavily on the software disk encryption which is notoriously known for poor performance and soft security.
Figure 2 shows that Enova® SecureIDE RAID sits in between the generic RAID controller and disk drives, offering hard security at 133MB/sec bursting to all RAID disk drives. The operation of encryption/decryption is totally transparent to all disk drives, offering absolutely no performance degradation.