Pure Storage EncryptReduce Lab

Solution Overview

Pure Storage FlashArray provides always-on deduplication and encryption of data at rest, providing a secure and efficient storage platform trusted by our customers.  Some customers have additionally decided to encrypt data at the host level, which has traditionally proved a challenge to storage-level deduplication such as that provided by FlashArray. This is because data reduction technologies rely on identifying repeatable patterns in the data and removing them whereas host-level host-level encryption has the effect of randomizing & scrambling the data that does not leave any repeatable patterns in it, thus preventing efficient storage-level deduplication. As a result, one has to trade-off host-level encryption against storage deduplication, which can in turn require the purchase of more storage capacity - not an ideal choice!

Goals & Objectives

After completing this lab users will gain an understanding of the following concepts:

  • Overview of the Thales Data Security Manager (DSM)
  • Configuring the DSM to work with the Pure Storage Array
  • Setting up the Thales VTE Agent on a Linux Server
  • Confirming Data Reduction numbers on a Host encrypted file system from the FlashArray 


Hardware & Software

  • 1 x Pure Storage Array
  • 1 x vSphere ESXi host (7.0 Update 1)
  • 1 x vSphere Virtual Center (7.0 Update 1)
  • 1 x Thales Vormetric Data Security Manager Appliance (DSM)
  • 1 x Ubuntu 18.04 Server VM for Vormetric Transparent Encryption Agent (VTE)
  • 1 x Windows 2016 AD/DNS/DHCP Server
  • 1 x Windows 10 Jumpbox