Thales Blog

Safe, Speedy Data At Rest: Vormetric & Fusion-io

February 26, 2013

Turning data into information in the shortest time possible enables our customers to make decisions that generate profit, and in some cases, protect our nation's interest. Because of the value of these customers' information, it is essential to protect it via encryption.

Many of us are familiar with encrypting data in transit with SSL and other technologies to protect data in fight from compromise. Many customers are now finding it essential to encrypt data at rest or data stored on media. Encryption of data at rest can protect data from insider threats, whether from users, administrators, or media theft. A number of laws and acts recommend encryption at rest to protect vital information.

Historically, one of the challenges with encrypting data at rest is the impact it has on system performance. The modern CPU has doubled in performance every 18 to 24 months, in acordance with Moore’s law, while hard drive performance has remained relatively flat. Adding encryption instructions to the I/O path exacerbates the situation with an already data starved CPU. In addition, software based encryption adds CPU cycles that can conflict with CPU intensive workloads.

Recently, Intel released AES-NI, a set of encryption instructions found in the Sandy Bridge processors. These instructions allow the CPU to perform AES-256 bit encryption more efficiently without affecting other workloads. In a new whitepaper, we examine these technologies and test the performance of an ioMemory-equipped server running Vormetric Data Security Manager that allows us to quickly and easily deploy and manage this capability. Performance and highest levels of security don’t have to be at odds.

For additional information on this testing or to conduct the same tests against your own data, contact us at You can also read Vormetric's solution brief.