NetApp wants to secure enterprise storage against tomorrow's threats today by adding post-quantum encryption algorithms to its storage software.
These new algorithms, available Tuesday for all NetApp customers' block and file workloads, are joined by new ransomware protection updates for NetApp BlueXP, the vendor's hybrid cloud control console.
It never hurts to be ahead of the curve, even if a future of ubiquitous quantum computers won't arrive anytime soon, said Mitch Lewis, an analyst at The Futurum Group.
"[Quantum] is starting to work its way into those checkboxes for security folks," Lewis said. "[It's] still speculation, but it will be [real] at some point."
NetApp's specific post-quantum encryption follows standards released by the U.S. Department of Commerce's National Institute of Standards and Technology last August. These three algorithms are designed to harden general public network encryption and digital signature encryption against quantum computers.
Security is a team sport, and it encompasses all aspects of infrastructure.
Simon Robinson Analyst, Enterprise Strategy Group
A handful of other storage vendors have started to offer some level of quantum protection, such as IBM for tape backups, Lewis said, but quantum security in storage is still a relatively nascent space.
Network and security teams have begun bracing for quantum computing attacks or challenges, so it makes sense for storage and data teams to brace for similar attacks, said Simon Robinson, an analyst at Enterprise Strategy Group, a division of Omdia.
"Security is a team sport, and it encompasses all aspects of infrastructure," Robinson said. "NetApp are focused on getting ahead of it."
BlueXP updates
New capabilities coming to BlueXP are focused on preventing more immediate ransomware threats, according to NetApp.
These capabilities include role-based access controls based on specific ransomware definitions, so specific security team members or others in the organization can respond to threats that may affect their business. Customers recovering from an attack using BlueXP will benefit from a redesigned UI and data protection workflow creation, the company said.
NetApp's OnTap storage OS will continue to harden itself against ransomware attacks in the months to come, said Gagan Gulati, vice president of product for data services at NetApp. The OS's Autonomous Ransomware Protection capability, which enables real-time detection of ransomware signatures within the storage layer, now supports Amazon FSx for NetApp OnTap, an AWS file storage service.
This capability will expand to block workloads this year, which includes a new set of challenges to overcome before wider release to avoid false positives on attacks, Gulati said. Block data provides significantly less information than files, meaning logging changes that indicate malicious changes over daily workload changes need to avoid false positives.
"If you're able to detect early, you can act early," he said. "The false positive rate [needs] to be close to zero."
NetApp's security focus will appeal to enterprise customers who need reliable and secure storage systems over the high-end capabilities and speed that are touted by vendors looking to court generative AI workloads, Lewis said.
NetApp is no stranger to marketing its platform for AI, but traditional block and file workloads still dominate much of the enterprise storage market, he said
"It's not like [AI is] the only big customer," Lewis said. "There are still plenty of enterprises that need file storage."
Tim McCarthy is a news writer for Informa TechTarget covering cloud and data storage.
Dig Deeper on Storage system and application software
