SNIA Developer Conference September 15-17, 2025 | Santa Clara, CA
Abstract
FC SANs are deployed in over 90% of Fortune 1000 customer data centers that run mission-critical storage workloads. Ever increasing threat vectors and tightening regulation is driving customer in healthcare, banking and defense to better secure their storage networks. While FC SAN encryption as defined in FC-SP-2 is well defined and stable, an implementation has long since missing due to the complexities and the required encryption performance, making a hardware encryption offload the best option. But a hardware implementation requires the complex infrastructure from the OS side, to allow for the necessary key handling and negotiation. These mutual dependencies have long prevented any useable implementation. In this talk Marvell and SUSE will be presenting a combined solution offloading encryption into the hardware, while having the infrastructure in place for key handling via a StrongSWAN adaption in the SUSE Linux Enterprise OS. With this setup we're able to achieve near linespeed with encrypted FC traffic, with all key management functionality mandated by the specification.
Learning Objectives
FC-SP-2 encryption,StrongSWAN on FC,OS integration with FC encryption