Smartronix, Decru, and NetApp Unveil Secure Storage for Battlefield Data

Storage Networking World, Orlando, FL - October 26, 2004 -- Smartronix, Decru, Inc., and Network Appliance, Inc. (NASDAQ: NTAP) today announced a secure storage solution designed for forward-deployed military environments. The Expeditionary Encrypted Data Store (EEDS) combines NetApp® storage systems with Decru DataFort™ storage security appliances in a ruggedized, portable case. EEDS delivers reliable, intuitive storage functionality paired with powerful security features to support a broad range of missions.

Increasingly, modern military operations require forward deployment of computing systems, in environments ranging from aircraft and armored vehicles to embassies and mountaintops. These "net-centric" systems provide tremendous strategic advantages, but also expose an increasing amount of sensitive or classified data to new security threats. Forward-deployed computer systems present a particularly difficult challenge, because physical capture of mission data and software could expose vast amounts of actionable intelligence to adversaries. Due to the power of modern forensic tools, data stored on disk drives is essentially indelible, further complicating the task of sanitizing data on short notice.

The Expeditionary Encrypted Data Store solution takes a simple approach: never store mission data in cleartext format. All data and applications are secured with strong encryption, and in the event of imminent capture, warfighters can use Decru CryptoShred™ features to instantly delete local encryption keys by pushing a button or turning a key. Because encryption keys are stored in secure hardware, and data is never written to disk in cleartext format, deleting the keys provides instant sanitization of the entire system. Backup encryption keys are securely stored at headquarters, and can be securely injected into DataFort over the Global Information Grid, enabling rapid operational recovery from false alarms.

EEDS also enables operators to temporarily lock down systems by removing a cryptographic "ignition key" stored on a smart card. This feature enables systems to be securely transported, serviced, and deployed without exposing mission data to physical or electronic breaches. For example, a forward-deployed data center could be provisioned with pre-staged mission data, but all data would remain in encrypted format until authorized personnel arrive with the appropriate smart cards.

EEDS Concept of Operations
In addition to providing security against physical attacks, the EEDS solution provides the security and flexibility to support a broad array of operational missions. Examples include:

  • Secure storage consolidation: EEDS can be used to securely consolidate multiple separate groups or applications onto a single NetApp storage device. DataFort compartmentalizes data into Cryptainer® vaults, allowing fine-grain access controls and surgical data deletion.
  • Coalition data sharing: EEDS enables coalition partners or agencies to securely share data on the same system. Need-to-know access controls and crypto-signed logs ensure accountability, and ensure that only authorized coalition partners get access to shared data. This ultimately provides the combatant commander with greater operational flexibility, and enables enhanced information sharing in the field. Because the sharing partner designates the access controls and key management policies, data access can be quickly provisioned and de-provisioned.
  • Insider threat mitigation: Storage and system administrators can easily manage all stored data, but EEDS does not allow unauthorized personnel to access cleartext data. This "role separation" further enforces need-to-know access, and provides greater flexibility in the selection of administrators.

Powerful NetApp storage features ensure availability and simplicity. For example, NetApp SnapMirror™ software enables automatic and network-efficient replication of data to ensure continuity of operations. Because the software mirrors encrypted data from one system to another, all replicated copies are secure by default. Encryption keys can be securely injected into a remote DataFort on demand when a recovery event arises, but until then no user or application at the remote site can access data.

"EEDS demonstrates the power of integrating best-of-breed technologies into a field-ready, military-grade solution. Our experience deploying rugged tactical solutions combined with our lead roles on major information assurance initiatives makes us a natural choice to partner with NetApp and Decru to deliver this enhanced security solution for our troops"," said John Parris, vice president corporate strategy of Smartronix.

"We predict that the days of cleartext data on the battlefield are numbered," said Carl Wright, vice president of federal operations at Decru, and former CISO of the U.S. Marine Corps. "The EEDS solution delivers transparent and rugged performance in the field without compromising security, performance or simplicity. We're very pleased to collaborate with Smartronix and NetApp on this project."

"NetApp's high rate of adoption across the U.S. Department of Defense is a direct result of our customer and solution focus," said Mark Weber, Vice President of Federal Systems at Network Appliance. "Protection of data in harm's way is a major priority for our customers, and EEDS is the industry's first integrated solution to directly address these requirements."

Decru DataFort has received FIPS 140-2 Level 3 certification, as well as NIST certification for AES-256 and SHA-256, and is underway with Common Criteria certification with a target assurance level of EAL-4+. NetApp and Decru received DoD 5015.2 certification in September 2003, including certification of CryptoShred functionality for document shredding. NetApp and Decru solutions have been deployed by customers in sectors including financial services, healthcare, high technology, aerospace, and government.

The solution is available immediately from Smartronix, with turnkey solutions starting at under $100,000. Please visit for more information.

About Smartronix
Smartronix is a global professional solutions provider specializing in Enterprise Architecture, Engineering and Operations, Information Systems Security, System and Software Engineering, Specialized Hardware Engineering Solutions, and Program and Acquisition Management. Smartronix is headquartered in California, MD with operating offices in VA, NC, FL, AL, and CA and employees throughout the US and the Pacific Rim. The company has been recognized as one of the Fastest 50 growing companies in the Greater Washington area and one of the top 500 nationally as ranked by Washington Post and Inc 500, respectively.

About Decru
Decru, headquartered in Redwood City, CA, develops storage security solutions to address a range of business needs for enterprises and government, including intellectual property protection, regulatory compliance, privacy, and internal controls. Decru DataFort protects the core of the storage network with a layer of strong encryption, authentication, access controls, and compartmentalization. Decru DataFort appliances can be deployed transparently in SAN, NAS, DAS, and tape backup environments, with no changes to servers, desktops, applications, or user workflow. Decru was founded in 2001, and has raised more than $45 million in venture financing from Benchmark Capital, Greylock, New Enterprise Associates, In-Q-Tel and others.

About Network Appliance
Network Appliance is a world leader in unified storage solutions for today's data-intensive enterprise. Since its inception in 1992, Network Appliance has delivered technology, product, and partner firsts that continue to drive "The evolution of storage.™" Information about Network Appliance™ solutions and services is available at

Press Contacts:
John Welton
Voce Communications for Network Appliance

Michele Borovac
Decru, Inc.

Jake Malishchak
Smartronix, Inc.