Dell Essential Security Key and RAID Management for the ucpb-900 Model

Page 93

8

Security key and RAID management

NOTE: The H330 PERC card does not support security key and RAID management features.

Security key implementation

The Dell PowerEdge RAID Controller (PERC) 9 series of cards support Self-Encrypting Disks (SED) for protection of data against loss or theft of SEDs. Protection is achieved by the use of encryption technology on the drives. There is one security key per controller. You can manage the security key under Local Key Management (LKM). The key can be escrowed in to a file using Dell OpenManage storage management application. The security key is used by the controller to lock and unlock access to encryption-capable physical disks. In order to take advantage of this feature, you must:

1.Have SEDs in your system.

2.Create a security key.

Security key management in the BIOS configuration utility

The Dell OpenManage storage management application and the BIOS Configuration Utility (<Ctrl> <R>) of the controller allow security keys to be created and managed as well as create secured virtual disks. The following section describes the menu options specific to security key management and provide detailed instructions to perform the configuration tasks. The contents in the following section apply to the BIOS Configuration Utility (<Ctrl> <R>). For more information on the management applications, see Management Application For PERC Cards.

The Virtual Disk Management screen, VD Mgmt, is the first screen that is displayed when you access a RAID controller from the main menu screen on the BIOS Configuration Utility (<Ctrl> <R>). The following are security-related actions you can perform through the virtual disk management menu:

Security Key Management—Creates, changes, or deletes the security settings on a controller.

Secure Disk Group—Secures all virtual disks in disk group.

The Physical Disk Management screen, PD Mgmt, displays physical disk information and action menus. The following are security-related actions you can perform through the physical disk management menu:

Instant Secure Erase—Permanently erases all data on an encryption-capable physical disk and resets the security attributes.

For more information on the Physical Disk Management screen and Virtual Disk Management screen, see Physical Disk Management (PD Mgmt) and Virtual disk management respectively.

93

Image 93
Contents Dell PowerEdge RAID Controller Perc 9 User’s Guide Page Contents Deploying the Perc card Driver installationBios Configuration Utility Security key and RAID management UEFI/HII RAID configuration utility100 Getting help Appendix RAID descriptionOverview Features of Perc H330 adapter cardFeatures of Perc H330 mini monolithic card Features of Perc H730 card Features of Perc H730/H730P mini monolithic card Features of Perc H730P adapter card Supported operating systems Features of Perc H830 adapter cardPerc H330 Perc H730 Perc H730P Perc H830 Perc card specificationsSAS Management applications for Perc cards Comprehensive embedded managementDell OpenManage Storage Management Related documentation Creating Global Hot Spares Creating Security Key Getting started with your Perc cardCreating Global Hot Spares Creating Security Key Creating virtual disks Setting up virtual disks Manage physical disks Creating Global Hot Spares Creating Security Key Page Perc 9 personality management FeaturesT10 protection information Enabling T10 PIImproved RAID 10 configuration Secure firmware updatePhysical disk power management 4KB block size disk drivesConfigured spin down delay Types of virtual disk initializationFull initialization Background initialization Consistency checksFast initialization Configuring FastPath-capable virtual disks Using disk roamingDisk roaming FastPathMigrating virtual disks Virtual disk migrationVirtual disk write cache policies Virtual disk read cache policiesConditions under which write-back is employed Reconfiguration of virtual disks Or more Yes Removes Redundancy While increasing Capacity Smart Feature Fault toleranceUsing persistent hot spare slots Patrol ReadPhysical disk failure detection Using replace member and revertible hot spares Physical disk hot swappingController cache preservation Non-RAID disks support Battery Transparent Learn CycleSelect OK Removing the Perc 9 adapter Deploying the Perc cardBattery cable connector Perc 9 card SAS cables Removing the Perc 9 mini monolithic controller Installing the Perc 9 adapterRemoving and installing the Perc 9 mini monolithic card Replacing the battery of a H730P mini monolithic cardRemoving the battery carrier Removing the battery Installing the Perc 9 mini monolithic controllerRemoving a H730P slim card Removing and installing a H730P slim card Replacing the battery of a H730P slim cardRemoving the battery Removing the Perc 9 mini blade controller Installing a H730P slim cardRemoving and installing the Perc 9 mini blade controller Replacing the tethered battery of a Perc 9 mini blade cardRemoving the battery carrier Removing the battery from the battery carrier Installing the battery into the battery carrier Replacing the battery carrier Installing the Perc 9 mini blade controllerRemoving the Perc FD33xD Card Removing and installing the Perc FD33xD card Replacing the battery of a Perc FD33xD cardInstalling the Perc FD33xD card Page Driver installation Creating the device driver mediaDownloading drivers from the Dell support website Windows driver installation Linux driver installation Page Bios Configuration Utility Entering the Bios Configuration UtilityExiting the Configuration Utility Menu navigation controls For more information, see Managing dedicated hot spares Setting up virtual disksParameters description Virtual disk management Bios Configuration Utility menu optionsPage Virtual disk actions Physical disk actions Physical disk management PD MgmtController management Ctrl Mgmt RebuildController management actions Foreign configuration view Virtual Disk ManagementCreating virtual disks Initializing virtual disks Selecting virtual disk parametersRunning a data consistency check Checking data consistencyPage Break mirror Managing preserved cache Break mirror in Bios configuration utilityDeleting virtual disks Managing dedicated hot sparesSetting LED blinking Clearing the configurationPhysical Disk Management Deleting disk groupsCreating global hot spares Removing global or dedicated hot sparesReplacing an online physical disk Restrictions and limitations Stopping background initializationPerforming a manual rebuild of an individual physical disk Enabling boot support Enabling boot support for a BIOS-enabled controllerController Management Disabling Bios stop on error Enabling Bios stop on errorEnabling auto import Disabling auto importRestoring factory default settings Entering the Uefi configuration utility UEFI/HII RAID configuration utilityExiting the Uefi configuration utility Navigating to Dell Perc 9 configuration utilityConfiguration management Converting physical disks to RAID capable disk Creating profile based virtual disksConverting physical disks to non-RAID disk Viewing disk group propertiesDeleting existing configurations on a RAID controller Managing foreign configurations on a RAID controllerRestoring factory settings for the controller Saving controller eventsSwitching the controller to HBA mode Enabling security for the controllerSaving debug log Switching the controller to RAID mode Viewing virtual disk propertiesViewing physical disks associated with a virtual disk Viewing battery properties Hardware components managementViewing physical disk properties Viewing physical disks associated with an enclosure Security key management in the Bios configuration utility Security key and RAID managementSecurity key implementation Local Key Management LKM Creating a security keyChanging the security key Deleting a security key Creating secured virtual disksSecuring pre-existing virtual disks Page Instant secure erase Bios configuration utility error messages TroubleshootingDiscovery error message Extra enclosure error messagePrevious configuration of disks removed error message Missing virtual disks error messageDirty cache data error message Bios disabled error message Drive Configuration Changes Error MessageAdapter at baseport not responding error message Virtual disks offline error message Virtual disks degraded error messageVirtual disks partially degraded error message Firmware fault state error message Memory or battery problem error messageForeign configuration found error message Foreign configuration not found in ctrl R error messageInvalid SAS topology detected error message Previous configuration cleared or missing error messageConfigured disks removed or not accessible error message Degraded state of virtual disksSecurity key errors Memory errorsSecured foreign import errors Preserved Cache StatePhysical disk issues General IssuesFatal error or data corruption reported Unable to rebuild a fault tolerant virtual diskMultiple disks become inaccessible Physical disk displayed as blockedVirtual disk fails rebuild using a dedicated hot spare Virtual disk fails during rebuild using a global hot spareRebuilding a failed physical disk Physical disk takes a long time to rebuildReplace member errors Smart errorsSource disk fails during replace member operation Linux operating system errorsTarget disk fails General disk failsUefi error messages Disk Carrier LED IndicatorsUnable to register Scsi device error message Unhealthy Status of the DriversCorrective Action Summary of RAID levels Appendix RAID descriptionRAID terminology Disk stripingSpanned RAID levels Disk mirroringExample of Distributed Parity RAID Parity dataGetting help Locating your system Service TagContacting Dell Documentation feedback