All of the physical disks and RAID controller modules in a storage array share the same security key. The shared security key provides read and write access to the physical disks, while the physical disk encryption key on each physical disk is used to encrypt the data. A security capable physical disk works like any other physical disk until it is security enabled.

Whenever the power is turned off and turned on again, all of the security enabled physical disks change to a security locked state. In this state, the data is inaccessible until the correct security key is provided by a RAID controller module.

You can view the self encrypting disk status of any physical disk in the storage array from the Physical Disk Properties dialog. The status information reports whether the physical disk is:

Security Capable

Secure—Security enabled or disabled

Read/Write Accessible—Security locked or unlocked

You can view the self encrypting disk status of any disk group in the storage array. The status information reports whether the storage array is:

Security Capable

Secure

The following table shows how to interpret the security status of a disk group.

Table 10-1. Interpretation of Security Status of Disk Group

Secure

Security Capable - Yes

Security Capable - No

Yes

The disk group is composed of all

 

SED physical disks and is in a

 

Secure state.

No

The disk group is composed of all

 

SED physical disks and is in a

 

Non-Secure state.

Not applicable. Only SED physical disks can be in a Secure state.

The disk group is not entirely composed of SED physical disks.

The Physical Disk Security menu appears in the Storage Array menu. The Physical Disk Security menu has the following options:

Create Security Key

Change Security Key

118

Configuration: Disk Groups and Virtual Disks

Page 118
Image 118
Dell MD3620I, MD3600I owner manual 118