Zserver® Storage version 5.0
Version 5.0
New features and updates in Zserver® Storage 5.0 for Windows
Disk Access Control
In version 5.0, Zserver Storage implements access control to encrypted hard disks by means of the Disk Access Control (DAC) module. The module manages access to disk partitions, virtually eliminating the risk of unauthorized access to corporate servers via unapproved applications and malicious software programs.
Authorized applications are compiled into a “white list” and granted various levels of access privileges, based on need. Applications not on this list are denied any type of access to that data. For example, a specific DBMS application included on the white list will be permitted access to encrypted files on the Zserver Storage protected database, while applications not on the white list — such as the file management program – will be denied access. Click here for more details
Adaptive multithreaded encryption (patent pending)
Zserver Storage Version 5.0 is built on innovative adaptive multithreaded encryption technology, developed internally by Zecurion, and significantly increases the speed of data encryption for multiprocessor systems. Adaptive multithreaded encryption makes working with large disk volumes and/or performing a significant number of file encryptions, such as occur during magnetic tape backups, much faster than most traditional encryption methods.
Encryption keys generation
Zserver Storage key generation facilities underwent significant improvements in version 5.0. The encryption key generation utility randomly collects data from different computer devices and sensors. In addition to mouse movement parameters, it now also uses:
• Noise collected from microphone sound cards
• Time intervals between data packets’ arrivals
• Quantum random number generator, “Quantis”
• Microsoft Crypto API interface
• Manual entering of random number sequences in HEX-editor
To further guarantee key generation integrity, the system is capable of performing statistical analysis of the generated random sequence. This allows the system administrator to then make an informed decision regarding whether the sequence was generated randomly or the key needs to be regenerated.
These improvements significantly increase the level of security in the generation process — an instrumental part of keeping confidential data secure. In addition, Zserver Storage supports encryption keys generated by third-party tools.
Encryption keys storage
Now, encryption keys can not only be stored on smartcards and electronic key tokens, but also in password-protected files, providing a convenient way for key administration. In previous versions, although keys could be stored in files, the lack of file protection limited the use of this feature. In version 5.0, the storage file is encrypted with a password, which provides an additional level of security and confidence in the encryption key safety, regardless of the key storage media.
More granular access management
Zserver Storage 5.0 manages access to Zconsole (management console) using native Windows authentication, which enables system administrators to implement and configure the access control list (ACL), per the standards set by Windows. Zserver Storage users can be authenticated based on their existing Windows account settings, either “transparent” authentication or by Zserver Storage’s internal user configuration.
The new version also provides more granular access management for encrypted media. Each disk now has an access control list associated with it, which determines the disk access privileges for each user or user group.
Saving server configuration to a file
Zserver Storage 5.0 offers the option to save server configuration settings to a file, restore server configuration settings from a file or replicate server configuration settings to any number of servers on the network. These capabilities give system administrators an efficient way to manage the networks in a rapidly growing and dynamically changing enterprise environment.
Configure logging
Zserver Storage 5.0 offers improved logging capabilities, significantly expanding the list of events being tracked. The journal entries have the option of being recorded in various file formats – XML, text ANSI or Unicode – or in the Windows Event Log. Additionally, the journal can be saved on a local or remote computer.
XML log files can be further analyzed with the use of pre-built reporting functionality that is flexible for customizing display options, setting conditions and filters for monitoring purposes, exporting data to other formats and the use of queries.
COM interface
Zserver Storage 5.0 is the most “integration friendly” version yet, allowing developers to take full advantage of Zserver Storage capabilities by broadening its core functionality via COM interface. During the installation, Zserver Storage 5.0 creates a COM object, which extends a set of methods and properties to control the program’s behavior, including:
• Connecting to/disconnecting from the server
• Loading/unloading encryption key to/from the server RAM
• Opening/closing encrypted disks
• Enabling/disabling encryption of the CD/DVD streams
• Encrypting, decrypting and re-encrypting disks
• Obtaining statuses of the encrypted media
These functions can be called via scripts – JScript, VBScript, VBA – or a program code.
Backward compatibility
Zserver Storage 5.0 and the management console support Zserver® Storage 4.x, providing seamless interoperability between the previous and current versions of the product. This helps IT departments to perform gradual system upgrades and phase out the older system without any downtime.
Click here to register and see Zserver Storage in action.
