NetApp ONTAP: Security

Simplify and strengthen your security posture: Integrate data security throughout your hybrid cloud.

Help meet governance, risk, and compliance (GRC) requirements such as HIPAA, PCI-DSS, and GDPR. Cost effectively secure your NetApp® ONTAP® environment by incorporating industry-standard, built-in security that meets FIPS 140-2 compliance:

  • Data-at-Rest Encryption
    • NetApp Storage Encryption (NSE) provides FIPS 140-2 level 2, AES-256 encryption using self-encrypting drives.
    • NetApp Volume Encryption (NVE) enables software-based AES-256 encryption of individual volumes—each with its own unique key—on any type of disk across FAS, AFF, and ONTAP Select deployments.
  • Key Management
    • Onboard Key Manager, included with ONTAP, delivers a self-contained encryption solution.
    • External key management solutions, which enable FIPS 140-2 compliance for key management, provide separation of duties and a centralized key repository.
  • Secure Multitenancy—Isolate clients or organizations within a single common cluster.
  • Comprehensive Logging and Auditing—Monitor the actions, access, and behaviors of users to enhance visibility to operations teams and management.
  • Role-based Access Control (RBAC)—Designate and validate that only authorized users can access storage resources. Confirm those resources are being appropriately utilized.

Learn more. Read the Security Features in ONTAP 9 datasheet and the Security Hardening Guide for ONTAP 9.