GED-i Ltd Secure data Resides on Cloud, Hosting & Local SAN storage Transferred over public/private networks Store data Very Fast SAN storage www.ged-i.com +972
Download ReportTranscript GED-i Ltd Secure data Resides on Cloud, Hosting & Local SAN storage Transferred over public/private networks Store data Very Fast SAN storage www.ged-i.com +972
GED-i Ltd Secure data Resides on Cloud, Hosting & Local SAN storage Transferred over public/private networks Store data Very Fast SAN storage www.ged-i.com +972 9 8355600 GED-I Proprietary [email protected] About GED-i Ltd • • • • • Israeli Company Founded in 2005 Development started in 2006 Held by 3 founders and private investors Funding • External - Private & Governmental - about $800,000 • Founders – About $2M • Office is Netanya, Israel • Patent allowance in USA GED-I Proprietary Company Status • Sales – Initial revenues of more than $200,000 • Sales – Win of project estimated of $1M (G4Crypt) • Sales channels - Europe, Asia, Israel • Products - GSA 2000, G4Crypt - Commercial • Oracle/SUN’s Partner • IBM’s Storage Proven, Integrated Solution • HP – Interoperability, Integrated solution GED-I Proprietary GED-i Team Management: David Saar, MBA – CEO 24 years leading High-tech companies in Executive positions. Served as Vsecure Technologies Inc CEO, founder and the GM of TSK Israel Ltd and ECI Telecom Director of Worldwide Marketing. Elisha Atzmon, PhD – CTO, 12 years in advanced systems Research, Analysis and Implementation. Lior Greenblat, MSc – VP R&D, 10 years in leading design, development and implementation Advisory Board: Nadav Kedem, MSc Most recently serves as the manager and Director of R&D at EMC Israel Giora Cohen, BSc 25 years in leading design, development and implementation of high-tech technologies Rony Shapiro, MSc – VP R&D, 4 22 years in leading design, development and implementation of security systems. GED-I Proprietary Security Target Markets Sensitive and Confidential Data at: Cloud Computing Enterprise Cloud Operator as Infrastructure as Service Enterprise external DC Enterprise DRP Internal data center Private cloud DRP / Hosting Network connecting remote sites 5 GED-I Proprietary Target Markets - Customers Data security for the Civilian & HLS Bank Telecom Government Payment Processor Enterprise Defense Cloud Operator Airlines company Insurance University Municipal Authority Hospital Research Centers Airports Grocery chains Cities Casino sites Communication Law enforcement Enterprise branches Police Defense bases University campus Private Networks Hospital sites Telecom 6 GED-I Proprietary ISP Cloud/Storage Security - Why Compliance to Privacy Regulations • PCI DSS • HIPAA • CA 1386 • DOD 5015 • GBL • Basel II Data Security • Data Security is a “Show Stopper” for cloud computing, mainly to Enterprises • Data deployment risks – Cloud, Hosting, Data Center • Control over Data Security measures GED-I Proprietary Cloud Security Problem Confidentiality, Integrity, Availability Customer CLOUD Data1 Data Processing Customer Data2 Customer 8 GED-I Proprietary GED-i’s product Positioning Cloud Customer mapping • Users (Enterprises, SMB) • Operators Private Public • Operators Infrastructure SaaS PaaS GED-I Proprietary • Users (Enterprises, SMB) • Operators • Operator Infrastructure • Operator revenue generator IaaS 7 Cloud Security Risks By Gartner Privileged User Access – Privileged administrators and control over their access Regulatory Compliance Data Location – Local regulations compliance Data Segregation – Shared environment, Encryption Recovery Investigative Support Long-term viability X – available by GED-I X – Not available by GED-i GED-I Proprietary GED-i’s Data Security suite The Only End to End Solution GSA 2000 - Storage Encryption • Data Encryption (AES 256 XTS) • For Local Data Center, Hosting site and Cloud site G4EC - Encryption and Access Control • Ensures the confidentiality of the data located at the Hosting/Cloud •Key manager and Encryption control unit, located at the customer site G4Crypt - Network Encryption • IP network Data encryption as it is transmitted between Customer sites and cloud sites. 11 GED-I Proprietary Cloud’s Vulnerabilities and GED-i’s Security Suite Data resides in remote cloud site Data may be exposed to unauthorized eyes Solution – GED-I storage encryption (GSA 2000) User’s access to cloud site through public or private networks Data may be viewed or changed Solution – GED-I’s network encryption (G4Crypt) Access Control – User has no control on users access to his own Data/Servers Solution – GED-I’s Remote control over data encryption and accessibility (G4EC) Data and Servers availability– User has no control when his Data are approachable Solution – GED-I’s Remote control over data encryption and accessibility (G4EC) Shared Cloud infrastructures and services – Separation between different cloud users Solution – GED-I’s Remote control over data encryption and accessibility (GSA 2000) 12 GED-I Proprietary GED-i’s Cloud Security suite Transmitted Data Encrypted Cloud Data Encrypted Cloud data Controlled by Cloud Client Clients Cloud Services at remote site Cloud Data Local Server G4Crypt AB GKS 2000 Key Server &@ &@ &@ GSA 2000 EE Encryption Engine 13 User Site Cloud Servers IPSEC Agent GED-I Proprietary Hybrid Cloud Public Cloud GSA 2000 EE Encryption Engines Main Site Cloud Servers CISCO MDS 9000 Cloud Storage CISCO MDS 9000 Private Cloud Local Storage Clients GKS 2000 Key Server CISCO MDS 9000 Server CISCO MDS 9000 GSA 2000 EE Encryption Engine GED-I Proprietary Clients Security Offering status Data Encrypted on Cloud Storage devices Encryption per Physical server Encryption Keys at customer site Data Path encryption from Cloud site to Customer site NPIV data path – multi servers to multi targets Encryption per VM server Encryption per end-user VM Full Data Path encryption from Cloud storage to Cloud Customer site Access to data only upon G4EC activation X – available X - Under/Final development GED-I Proprietary X - development Storage’s Data Security offering Clients Storage data is Encrypted and Available to End Users Server ABCD ?&#@ GKS 2000 Key Server Storage GED-I Proprietary High Availability Solution AES 256 Clients FC / iSCSI GSA 2000 EE (Encryption Engine) GKS 2000 (Key Server) Server GEM 2000 (Element Manager) ABCD #W~Z GSA 2000 EE (Encryption Engine) Clients 17 Storage GED-I Proprietary Why GED-i Technology The BEST security - 2 (4) encryption layers with millions of keys Central Solution for any type of data or application Integrated solution into IBM (HP) storage Dedicated HW solution - Plug and Play, no performances degradation but - S/W product available on standard HW servers (IBM, HP) A whole media protection approach Separated Key Manager locally or remotely Easy to install and to maintain Suitable to any Servers OS Suitable to any Storage manufacturer (IBM, EMC, HP, HDS, DELL...) GED-I Proprietary Why to encrypt (with GED-i) Business Data Security is Enterprise’s “Show Stopper” Solution for Cloud/Storage/Hosting Operators for Enterprises Solution for Enterprises for Cloud/Hosting/Storage Low TCO since no need to secure each application independently Competitive Advantage over other operators Suitable to existing HW – Low investment GED-I Proprietary GED-I’s Go to Market & Business Model • Product Sales – Customers • Cloud operators, Storage Center, Data Center, ISP (Amazon EC2) • The High-End Market : Enterprises, Health, Financing, Research Centers, Government, Banking – Channels - Partnership with Storage, IT and Security integrators/VARs to Local channels perform: Sales, integration, support, GED-I 2nd line support Transfer price may based on % of end user price (30%-35%) – Pricing: starting at $30K • Technology Sale - OEM/ Cooperation – Storage Devices Manufacturer (EMC, IBM, SUN, HP, DELL, HDS,…) – Communication Devices Manufacturer (CISCO, Brocade) – Security: CA, Symantec, Check Point GED-I Proprietary Market size Storage Security - Based on external disks market size report by Gartner Q1/2010 Grow rate Sales in M$ 8% per security in M$ Penetration Addressable Market size M$ 2012 5% $19,000 $1,520 35% $540 2013 5% $20,000 $1,600 35% $560 21 GED-I Proprietary Sales Target Assumptions 1.Sales through VARs and OEM agreements 2. moderate forecast 3. Based on $5M Investment Product Type Price Description Superior (1+2) $30,000 Superior configuration: 1*GKS +2*GSA+1*G4EC Superior (1+3) $40,000 Superior configuration: 1*GKS +3*GSA+1*G4EC Superior (1+4) $50,000 Superior configuration: 1*GKS +4*GSA+1*G4EC Sales Projection summary (in end user price) as detailed below: Year 1 2 3 4 5 Total Sales $1M $6M $12M $20M $28M $67M GED-I Proprietary Feasibility Based on • Existing customers • Discussions with: IBM, HP • Conferences • Consultants • Articles • Market Researches • Internal Knowhow GED-I Proprietary Investment Options Investment sum equity Note $6M 25% Investment $25M 100% Buyout Targets • Expanding marketing and Sales activity • Product line expansion • More focus on the cloud market • 24 months of operation • Profitability GED-I Proprietary SAN Storage GFSS GED-I Fast SAN Storage For Performance demanding application 25 GED-I Proprietary Fast SAN Storage For performance demanding applications: “READ” at very fast speed “WRITE” at very fast speed or no writing at all “SAVE” to disk at regular speed, periodical or no data saving at all For Mid-Range (SMB) Utilizing standard HW platforms 26 GED-I Proprietary SAN Storage Target Market Mid-range (SMB) market Competition VERY EXPENSIVE traditional storage Advantages No competition in the target market (??) Usage of “every” 3rd party Server or JBOD Un-matched price level (S/W) 27 GED-I Proprietary Target Applications Image Processing VOD Download Servers Music on Demand Army Systems Video Processing Simulation Query Data Bases (DB) Sharing Systems Data Confidential application Fast Boot Application QA/Testing systems 28 GED-I Proprietary Network Security G4Cypt Network Encryption For public and Private Network 29 GED-I Proprietary Click to edit Master title Network Encryption style Encrypting Data transmitted between IT islands %&^# ABCD Encrypted IP Network IPsec AES 256 Public Network ABCD Click to edit Master G4Crypt Modelstitle style An encryption appliance Desktop or 19” Rack mountable device Point to Multi Point (P2MP) and Point to Point (P2P) AES 256 standard encryption Full Duplex Encryption Encryption rates at 100, 300, 600Mbs and near 1Gbs HW Bypass for fast recovery Remote management (SNMP, SSH ) Click edit Master title Radioto Network Encryption style Site A Site B G4Crypt 300 Site D Central Site Site C Total to Solution GED-i Click editbyMaster title style Thank You For contact: GED-I Ltd www.ged-i.com +972 9 8355600 +972 52 6498246 [email protected] GED-I Proprietary About GED-i Ltd Israeli Company Founded in 2005 Office is Netanya, Israel Patent granted in USA Sales channels - Europe, Asia, Israel Sales – Selected to secure Italy PA network GED-I Proprietary The Problem Privacy regulations, Data breaches result in huge financial damages and business optimization obliges to secure private data and are the rationale behind the need to encrypt data on storage devices. Today, almost all the data resides on storage devices is not encrypted. The vulnerability of non-encrypted stored data is one of the most critical security problems to enterprises, financial, health organization, government and defense. The merging of Cloud Computing and virtualization technologies, which based on storing data at remote sites, creates major security considerations which increases the need for remote data encryption. Moreover, in the few cases of encrypted data, a penetration into storage system, lost or stolen Disk gives the thief sufficient time to use advanced tools over Known Data Structure over a large amount of data to break the encryption (if any), to hack into and to expose the information. GED-I Proprietary Product Description GED-i’s appliance is installed adjacent to the Storage device ports and any data transferred to the storage device is encrypted and decrypted while it is transferred back to the user in real time. All the data is kept encrypted on the storage disks. The required key-information for the encryption process and for the decryption process is saved on a dedicated external key server (or in Allin-ONE solution on an external retractable physical device such as a flash memory on USB port, PCMCIA, CD, server disk, etc). GED-I Proprietary Technology Description GED-i’s solution is a Central Storage Data Security that uses 4 layers of Encryption: The basic layer is a standard AES-256-XTS encryption of the data, The second layer is storage segmentation, The third level is geometric restructuring (scrambling) layer implemented as part of the actual writing to the storage device. The fourth layer, the interference, involves special operations on the storage device to reduce the traceability of the storage surface characteristics. GED-I Proprietary Security Target Markets Sensitive and Confidential Data at: Cloud Computing Enterprise Cloud Operator Internal data center as Infrastructure as Service Enterprise external DC Enterprise DRP Private cloud DRP / Hosting Network connecting remote sites 39 GED-I Proprietary Target Markets - Customers Data security for the Civilian & HLS Bank Telecom Government Payment Processor Enterprise Defense Cloud Operator Airlines company Insurance University Municipal Authority Hospital Research Centers Airports Grocery chains Cities Casino sites Communication Law enforcement Enterprise branches Police Defense bases University campus Private Networks Hospital sites Telecom 40 GED-I Proprietary ISP Storage Data security What is it Encrypting Data resides on Storage Devices Preventing INTERNAL data hacking Data is secured even if was copied Secures ANY type of data For Enterprise Internal DC or Cloud site DC GED-I Proprietary Network Data security What is it Encrypting Data transferred over Public or Private networks Preventing Data exposure even if data is hacked Securing Enterprise data transferred between Remote Operational sites GED-I Proprietary Cloud/Storage Security - Why Compliance to Privacy Regulations • PCI DSS • HIPAA • CA 1386 • DOD 5015 • GBL • Basel II Data Security • Data Security is a “Show Stopper” for cloud computing, mainly to Enterprises • Data deployment risks – Cloud, Hosting, Data Center • Control over Data Security measures GED-I Proprietary Cloud Security Problem Confidentiality, Integrity, Availability Customer CLOUD Data1 Data Processing Customer Data2 Customer 44 GED-I Proprietary GED-i’s Data Security suite The Only End to End Solution GSA 2000 - Storage Encryption • Data Encryption (AES 256 XTS) • For Local Data Center, Hosting site and Cloud site G4EC - Encryption and Access Control • Ensures the confidentiality of the data located at the Hosting/Cloud •Key manager and Encryption control unit, located at the customer site G4Crypt - Network Encryption • IP network Data encryption as it is transmitted between Customer sites and cloud sites. 45 GED-I Proprietary GED-i’s Cloud Security suite Transmitted Data Encrypted Cloud Data Encrypted Cloud data Controlled by Cloud Client Clients Cloud Services at remote site Cloud Data Local Server G4Crypt AB GKS 2000 Key Server &@ &@ GSA 2000 EE Encryption Engine 46 &@ User Site Cloud Servers IPSEC Agent GED-I Proprietary Hybrid Cloud Public Cloud GSA 2000 EE Encryption Engines Main Site Cloud Servers CISCO MDS 9000 Cloud Storage CISCO MDS 9000 Private Cloud Local Storage Clients GKS 2000 Key Server CISCO MDS 9000 Server CISCO MDS 9000 GSA 2000 EE Encryption Engine GED-I Proprietary Clients Storage’s Data Security offering Clients Storage data is Encrypted and Available to End Users Server ABCD ?&#@ GKS 2000 Key Server Storage GED-I Proprietary High Availability Solution AES 256 Clients FC / iSCSI GSA 2000 EE (Encryption Engine) GKS 2000 (Key Server) Server GEM 2000 (Element Manager) ABCD #W~Z GSA 2000 EE (Encryption Engine) Clients 49 Storage GED-I Proprietary Why GED-i Technology The BEST security - 2 (4) encryption layers with millions of keys Central Solution for any type of data or application Integrated solution into IBM (HP) storage Dedicated HW solution - Plug and Play, no performances degradation but - S/W product available on standard HW servers (IBM, HP) A whole media protection approach Separated Key Manager locally or remotely Easy to install and to maintain Suitable to any Servers OS Suitable to any Storage manufacturer (IBM, EMC, HP, HDS, DELL...) GED-I Proprietary Why to encrypt (with GED-i) Business Data Security is Enterprise’s “Show Stopper” Solution for Cloud/Storage/Hosting Operators for Enterprises Solution for Enterprises for Cloud/Hosting/Storage Low TCO since no need to secure each application independently Competitive Advantage over other operators Suitable to existing HW – Low investment GED-I Proprietary Pricing – GSA 2000 Based on number of storage secured ports Per single main SAN storage 2-6 ports should be secured Major customers may have 10s-100s storage units Basic price is per single GSA 2000 appliance used to encrypt single storage port - $10K-$16K (end user price) Actual value of basic price is depended on the link speed (1Gbps, 4 Gbps, 8Gps) Single GSA 2000 used to encrypt 2 storage ports – $20K-$32K Single GSA 2000 used to encrypt 4 storage port – $36K-$58K Maximum encrypted storage ports per GSA 2000 – 4 ports Price is for HW and SW In special case GED-I may grant the authority to local integrator to integrate the SW with locally purchased HW GED-I Proprietary Business Model Partnership with USA based channels such as integrators and VARs Local channels perform: Sales, integration, support GED-I supplies 2nd line support Transfer price may based on % of end user price (30%-35%) or fix transfer price with free end-user pricing (projects) GED-I Proprietary Network Security G4Cypt Network Encryption For public and Private Network 54 GED-I Proprietary Click to edit Master title Network Encryption style Encrypting Data transmitted between IT islands %&^# ABCD Encrypted IP Network IPsec AES 256 Public Network ABCD Click to edit Master G4Crypt Modelstitle style An encryption appliance Desktop or 19” Rack mountable device Point to Multi Point (P2MP) and Point to Point (P2P) AES 256 standard encryption Full Duplex Encryption Encryption rates at 100, 300, 600Mbs and near 1Gbs HW Bypass for fast recovery Remote management (SNMP, SSH ) Click edit Master title Radioto Network Encryption style Site A Site B G4Crypt 300 Site D Central Site Site C Total to Solution GED-i Click editbyMaster title style SAN Storage GFSS GED-I Fast SAN Storage For Performance demanding application 59 GED-I Proprietary Fast SAN Storage For performance demanding applications: “READ” at very fast speed “WRITE” at very fast speed or no writing at all “SAVE” to disk at regular speed, periodical or no data saving at all For Mid-Range (SMB) Utilizing standard HW platforms 60 GED-I Proprietary SAN Storage Target Market Mid-range (SMB) market Competition VERY EXPENSIVE traditional storage Advantages No competition in the target market (??) Usage of “every” 3rd party Server or JBOD Un-matched price level (S/W) 61 GED-I Proprietary Target Applications Sharing Systems Download Servers VOD Music on Demand Army Systems Video Processing Simulation Query Data Bases (DB) Image Processing Data Confidential application Fast Boot Application 62 GED-I Proprietary SAN Storage Model Name Read write Save on Disk FR-NW Yes – at very high speed No FR-FW Yes – at very high speed FR-PW Yes – at very high speed Yes – at very high speed, No only to memory LU Yes Yes – from time to time FR-SW Yes – at very high speed Yes 63 GED-I Proprietary No Yes – immediately, at Standard disks speed Benefits As a result of GED-I unique technology and product architecture that enables to overcome the Storage inherent vulnerabilities, GED-I’s solution advantages over other solutions are: Stronger security through 4 layers protection: AES, Segmentation, Scrambling and Interference. Real Physical separation between the Encryption Engine and remote Key Server. Increasing the solution immunity to physical theft and to penetration and copy of the Encryption unit. Use of hundreds of thousands or even millions of AES 256 encryption Keys Line Speed or “Near” line speed Selection of H/W platform from leading server manufacturers (IBM, SUN, HP) Integrated solution into IBM’s Storage Data decryption is always guaranteed due to the secured backup of the remote Key server. No use of Backdoors for recovery due to the secured copy of the remote key server. No Use of Master key for recovery due to the secured copy of the remote key server. The 4 layers technology guarantees long term security even if the AES, or other standard encryption methods, will be mathematically compromised. As the media volume becomes larger,GED-I the protection Proprietarygets stronger GED-I vs. Competition GED-I Proprietary GED-I vs. Competition GED-I Proprietary GED-I vs. Competition GED-I Proprietary Thank You For contact: GED-I Ltd www.ged-i.com +972 9 8355600 +972 52 6498246 [email protected] GED-I Proprietary Use Case ATO ( Turkish, Ankara Chamber of Commerce ). (1) Storage encryption solution for SAN storage based on 2* GSA 2000 encryption engines and single Key manager GKS 2000. On line, Real time Encryption and decryption! (2) Securing HP SAN storage devices (3) FC link at 4Gbps. Ofek Aerial Photography (For Defense/Governmental and Public market). (1) Storage encryption solution for SAN storage based on GSA 2000 encryption engines. On line, Real time Encryption and decryption of about 1TB per day ! (2) Storage and users Network optimization planning and design (3) Securing SUN SAN storage (4) iSCSI link at 1Gbps Private Network of "Ministero Grazia e Giustizia" (Minister of Justice) in Italy (1) IP to IPsec Encryption for 300Mbs using the G4Crypt product , January 2010 GED-I Proprietary GED-i High Availability Solution Customer in Israel Clients Backup tape SUN StorageTeK SL24 SUN Storage 7410 CIFS FC Port 1 NON- Encrypted data backup Encrypted data backup Port 2 CIFS Port 3 CIFS Port 4 iSCSI Port 5 iSCSI CIFS File Server GSA 2000 EE (Encryption Engine) AES 256 XTS GKS 2000 (Key Server) GEM 2000 (Element Manager) Clients GED-I Proprietary GED-i High Availability Solution Governmental Customer in Europe Clients HP EVA 2 * GSA 2000 EE 1U Twin server (Encryption Engine) FC Port i FC Port j AES 256 XTS File Server GKS 2000 (Key Server) GEM 2000 (Element Manager) Clients GED-I Proprietary Clients Integrated solution HP Cloud in Europe Customer Site Cloud Site Clients HP HP EVA GKS 2000 Key Server HP EVA Server 2 * GSA 2000 EE HP BL460 G7 FC 72 GED-I Proprietary GED-i Ltd Data Security/Encryption solutions GED-i provides leading Security/Encryption solutions for enterprise's storage devices and IP networks, ensuring data privacy even if the data was exposed or viewed by unauthorized entity. The only solution that guarantees security of stored data through four layers of encryption. Companies spent $6.65M in average to recover from single data lost in 2008. According to the Ponemon Institute's 2008 Cost of Data Breach study, GED-I Proprietary Pricing – G4Crypt Based on link speed ( 100Mbps, 300Mbps, 600Mbps, 1Tbps) Server model may be used to connect to up to 15 clients model Basic price is per single client G4Crypt appliance used to encrypt single link - ex. 3200$ per 300Mbs link speed Actual value of basic price is depended on the link speed Server Model price is depended on number of connected clients Price is for HW and SW – ex server for 6 clients at 300Mbs – 4200$. In special case GED-I may grant the authority to local integrator to integrate the SW with HW GED-I Proprietary Pricing – G4Crypt Based on link speed ( 100Mbps, 300Mbps, 600Mbps, 1Tbps) Server model may be used to connect to up to 15 clients model Basic price is per single client G4Crypt appliance used to encrypt single link - ex. 3200$ per 300Mbs link speed Actual value of basic price is depended on the link speed Server Model price is depended on number of connected clients Price is for HW and SW – ex server for 6 clients at 300Mbs – 4200$. In special case GED-I may grant the authority to local integrator to integrate the SW with HW GED-I Proprietary