HP Secure Encryption manual Benefits, Encryption features

Page 6

Benefits

Broad encryption coverage

Encrypts data on both the attached bulk storage and the cache memory of HP Smart Array Controllers

Supports any hard drive or SSD in the Smart Drive portfolio for HP ProLiant Gen8 or later servers or the Supported Storage Enclosures

High availability and scalability

Scales with the amount of data privacy requirements o Server counts up to 25,000

o Millions of drives

o Millions of encryption keys

The HP ESKM supports High Availability Clustering, from 2-8 modes. Simplified deployment and management

HP Smart Storage Administrator configures the cryptographic features of HP Secure Encryption, and manages the controller and other direct-attached storage devices

Helps users meet compliance regulations

The HP ESKM has completed FIPS 140-2 Level-2 validation, certificate #1922

HP has applied for FIPS 140-2 Level-2 validation for the HP Smart Array family of controllers

Encryption features

Most HP Secure Encryption features and security settings are available through HP Smart Storage Administrator. Additional features for Remote Mode deployments are available through HP Enterprise Secure Key Manager 3.1 and later and Integrated Lights Out (iLO).

Feature

Description

Notes

 

 

 

Automatic key management

Encryption keys are automatically

 

created, saved, and deleted by HP Smart

 

 

Array Controllers without the need for

 

 

user intervention or management when

 

 

logical drives are created or deleted.

 

Compliance

HP Secure Encryption has been designed

For more information, see

 

to meet NIST-approved standards. HP is

"Encryption Algorithms (on page

 

in the process of applying for FIPS 140-2

71)."

 

Level 2 validation for HP Secure

 

 

Encryption. The HP ESKM has completed

 

 

FIPS 140-2 Level-2 validation, certificate

 

 

#1922.

 

 

HP Secure Encryption helps enterprises

 

 

comply with the data privacy and

 

 

protection requirements associated with

 

 

the U.S. Health Insurance Portability and

 

 

Accountability Act (HIPAA) and the

 

 

Sarbanes-Oxley Acts.

 

Overview 6

Page 5 Page 7
Image 6
Page 5 Page 7
Contents HP Secure Encryption Installation and User Guide Page Contents Support and other resources Overview About HP Secure EncryptionEncryption features BenefitsFeature Description Eskm Solution components HP Smart Storage AdministratorHP ProLiant servers HP iLO HP Smart Array ControllerHP SmartCache Minimum requirementsHP Enterprise Secure Key Manager 3.1 and later HP Eskm and key managementLicensing Encrypted backups Encryption setup guidelinesRecommended security settings at remote sites PlanningSecurity domains Deployment scenariosRemote and local key management requirements Configuration Local key management modeConfiguring the controller local mode Configuration Remote Key Management Mode Configuring Remote Key Management ModeConfiguring the HP Eskm Logging in to the HP EskmAdding a user Configuration Adding a group Assigning a user to a group Configuration Configuration Creating a Master Key Placing a key in a group Running a key queryConfiguration Assigning a key to a group Configuring HP iLO Connecting HP iLO to HP Eskm Configuration Configuring the controller remote mode Configuration Opening Encryption Manager Accessing Encryption ManagerOperations Logging into Encryption ManagerManaging passwords Set or change the Crypto Officer passwordSet or change the password recovery question Set or change user account passwordSet or change the controller password Suspending the controller password Resuming the controller password Working with keys Changing the Master Encryption KeyRekeying the Drive Encryption Keys Creating a plaintext volume Rescanning keysOperations Operations Converting plaintext volumes into encrypted volumes Changing key management modes Enabling/disabling plaintext volumes Enabling/disabling the firmware lock Enabling/disabling local key cache Importing drive sets in Local Key Management Mode Importing drives with different Master KeysOperations Maintenance ControllersReplacing a physical drive DrivesFlashing firmware Encryption ManagerGroups Locating groups associated with a driveQuery by drive serial number Maintenance Query by previous server name Maintenance Displaying log information Running queries Maintenance Maintenance Maintenance Lost or forgotten Crypto Officer password TroubleshootingCommon issues Lost or forgotten controller passwordLocating the key using the HP Eskm Local modeRemote mode Lost or forgotten Master KeyLocating the key using iLO Forgotten which Master key goes with which drive Logical drives remain offline Master key not exportingTesting the connection between HP iLO and the HP Eskm Potential errors encountered Error Description Action Clearing the encryption configuration Support and other resources Before you contact HPHP contact information Appendix Encryption algorithmsGlossary Master Encryption Key ILOLocal Master Encryption Key PlaintextVolume encryption key Remote Key ManagerDocumentation feedback Index EskmIndex
Top Page Image Contents