After you have created a security key, you can create secure disk groups from security capable physical disks. Creating a secure disk group makes the physical disks in the disk group security-enabled. Security-enabled physical disks enter Security Locked status whenever power is re-applied. They can be unlocked only by a RAID controller module that supplies the correct key during physical disk initialization. Otherwise, the physical disks remain locked, and the data is inaccessible. The Security Locked status prevents any unauthorized person from accessing data on a security-enabled physical disk by physically removing the physical disk and installing the physical disk in another computer or storage array.

Changing a Security Key

When you change a security key, a new security key is generated by the system. The new key replaces the previous key. You cannot view or read the key. However, a copy of the security key must be kept on some other storage medium for backup in case of system failure or for transfer to another storage array. A pass phrase that you provide encrypts and decrypts the security key for storage on other media.

When you change a security key, you also provide information to create a security key identifier.

Changing the security key does not destroy any data. You can change the security key at any time.

Before you change the security key, ensure that:

All virtual disks in the storage array are in Optimal status.

In storage arrays with two RAID controller modules, both are present and working normally.

To change the security key:

1In the AMW toolbar, select Storage ArrayPhysical Disk SecurityChange Security Key.

The Confirm Change Security Key window is displayed.

2Type yes in the text field, and click OK.

The Change Security Key window is displayed.

108

Configuration: Disk Groups and Virtual Disks

Page 108
Image 108
Dell MD3200, MD3220 owner manual Changing a Security Key, Confirm Change Security Key window is displayed, 108