Broadcom Launches Emulex Secure FC HBAs Industry’s First Quantum Resistant Network Encryption

Broadcom Inc. announced an industry-first — the Emulex Secure Fibre Channel Host Bus Adapters (HBA) — a cost-effective, easy-to-manage solution that encrypts all data as it moves between servers and storage.

Encrypting mission-critical data is no longer a nice-to-have, but a must-have. The cost of ransomware attacks continues to rise with attacks in 2024 costing USD $5.37 million ⁽¹⁾ on average per attack. Upcoming GenAI and quantum computers magnify the risk if data is not encrypted at all points in the data center including the network.

To address these cybersecurity issues, governments have responded with mandates, including the United States’ Commercial National Security Algorithm (CNSA) 2.0, the European Union’s Network and Information Security (NIS) 2, Digital Operational Resilience Act (DORA) and more that require enterprises to modernize their IT infrastructures with post-quantum cryptographic encryption algorithms and zero trust architecture.

Click to enlarge

Today, data centers have the option of deploying application encryption or network encryption to protect their data. Network encryption offers several important advantages versus application-based encryption including preserving storage array services such as dedupe and compression, which is destroyed when using application-based encryption. Network encryption also enables real-time ransomware detection while application-based encryption hides ransomware attacks. Additional highlights of this solution include no encryption performance penalty and simple, session-based key management.

“Customers are seeking ways to protect themselves against crippling and expensive ransomware attacks as well as complying with new government regulations mandating all data be encrypted,” said Jeff Hoogenboom, VP and GM, Emulex connectivity division, Broadcom. “The Emulex Secure Host Bus Adapter meets these needs by providing an elegantly simple solution that once installed, encrypts all data across all applications.” 

“As enterprises face an ever-growing wave of cybersecurity threats, the Emulex Secure HBA stands out as a simple drop-in solution that enhances SAN security without compromising performance,” said Brian Beeler, president, StorageReview.com. “In our testing, we found these HBAs excelled at securing in-flight SAN data encryption while seamlessly complementing existing security technologies. We’re excited to see these adapters become a standard layer of improved SAN security in 2025, providing enterprises with an essential tool to safeguard their critical data.”

Click to enlarge

Emulex Secure HBAs feature:

• Security Built on Zero Trust, Post-Quantum Cryptography
  • Encryption algorithms support CNSA 2.0, DORA and NIS2 mandates.
  • Secures data in-flight between host servers and storage arrays.
  • Zero Trust platform with Security Protocol and Data Model (SPDM). cryptographic authentication of endpoints, and silicon root-of-trust authentication.
  • Compliance with the NIST 800-193 framework – secure boot, digitally signed drivers, T10-DIF, and more.
• Cost effective encryption: Dedupe/compression storage services remain intact; protects all data across all applications versus application-specific solutions.
• Runs on existing FC infrastructure.
• Maximum application performance: Cryptography offloaded to hardware, providing encryption with no performance impact.
• Easy to manage and deploy: Simple session-based key management with on-demand key generation; transparent- runs with existing operating systems, applications and SAN management tools.

Industry quotes:
Mark Jones, president Emeritus, Fibre Channel Industry Association (FCIA), said: “A standards-based solution to network security ensures industry-wide interoperability and gives customers the assurance of a working ecosystem that has been the hallmark of the Fibre Channel industry for over 30 years. The Emulex Secure HBA is leveraging the new INCITS FC-SP-3 standard; this security protocol will ensure that Fibre Channel will continue to be the most secure choice of storage network transport far into the future.”

Dave Pearson, VP, infrastructure research, IDC, said: “Cybersecurity ‘defense-in-depth’ best practices for enterprises means going beyond just data-at-rest encryption, but the tradeoff has traditionally meant losing data compression and deduplication capabilities. Secure HBAs aim to solve this problem by enabling in-flight encryption with full data compression.”

Availability:
Emulex 32G and 64G Secure HBAs are available in 1, 2, and 4 port configurations.

^[1] Cost of a Data Breach Report 2024, Ponemon Institute

Emulex Secure HBA LPe37100 LPe38100 single port and LPe37102 LPe38102 dual port

Resource:
Emulex Secure HBAs: The New Standard for In-Flight Network Encryption – StorageReview.com (PDF)