Rationale
NonStop EXPAND networking software over IP is the predominant protocol used to interconnect multiple NonStop servers over a local or wide area network. Since the NonStop server currently does not offer encryption of Expand connections, all data exchanged between NonStop servers is traversing the IP network in the clear.
NonStop EXPAND networking software over IP is the predominant protocol used to interconnect multiple NonStop servers over a local or wide area network. Since the NonStop server currently does not offer encryption of Expand connections, all data exchanged between NonStop servers is traversing the IP network in the clear.Benefits
SecurCS for EXPAND will transparently encrypt network traffic which uses EXPAND over IP. Data Replication software such as RDF will inherit the encryption of the traffic thereby protecting the sensitive data being replicated to other sites.
Like the other "flavours" of SecurCS, SecurCS for EXPAND is easy to configure and set up. Using the Multi-Line capabilities of EXPAND, CPU load will be distributed over all CPU's and migration can be done without ever taking the EXPAND connection down.
For a full list of features, please see here.
How does it work
SecurCS for EXPAND encrypts the traffic between two NonStop systems by creating a secure SSL session as depicted in the following diagram:
SecurCS for EXPAND encrypts the traffic between two NonStop systems by creating a secure SSL session as depicted in the following diagram:Performance Impact
The CPU usage of encryption will depend on the volume and message size of your current traffic. To provide a rough estimate: on an S86.000 system the encryption of a Megabyte of traffic consumes less than 200 milliseconds of CPU time. This means that encrypting a Megabyte of data per second on 8 CPU's will consume less than 3 % on each CPU. More information on CPU usage is available from comForte upon request.
The CPU usage of encryption will depend on the volume and message size of your current traffic. To provide a rough estimate: on an S86.000 system the encryption of a Megabyte of traffic consumes less than 200 milliseconds of CPU time. This means that encrypting a Megabyte of data per second on 8 CPU's will consume less than 3 % on each CPU. More information on CPU usage is available from comForte upon request.