8
Security key and RAID management
NOTE: The H330 PERC card does not support security key and RAID management features.

Security key implementation

The Dell PowerEdge RAID Controller (PERC) 9 series of cards support Self-Encrypting Disks (SED) for
protection of data against loss or theft of SEDs. Protection is achieved by the use of encryption
technology on the drives. There is one security key per controller. You can manage the security key
under Local Key Management (LKM). The key can be escrowed in to a file using Dell OpenManage
storage management application. The security key is used by the controller to lock and unlock access to
encryption-capable physical disks. In order to take advantage of this feature, you must:
1. Have SEDs in your system.
2. Create a security key.

Security key management in the BIOS configuration

utility

The Dell OpenManage storage management application and the BIOS Configuration Utility (<Ctrl> <R>)
of the controller allow security keys to be created and managed as well as create secured virtual disks.
The following section describes the menu options specific to security key management and provide
detailed instructions to perform the configuration tasks. The contents in the following section apply to
the BIOS Configuration Utility (<Ctrl> <R>). For more information on the management applications, see
Management Application For PERC Cards.
The Virtual Disk Management screen, VD Mgmt, is the first screen that is displayed when you access a
RAID controller from the main menu screen on the BIOS Configuration Utility (<Ctrl> <R>). The
following are security-related actions you can perform through the virtual disk management menu:
Security Key Management—Creates, changes, or deletes the security settings on a controller.
Secure Disk Group—Secures all virtual disks in disk group.
The Physical Disk Management screen, PD Mgmt, displays physical disk information and action
menus. The following are security-related actions you can perform through the physical disk
management menu:
Instant Secure Erase—Permanently erases all data on an encryption-capable physical disk and
resets the security attributes.
For more information on the Physical Disk Management screen and Virtual Disk Management screen, see
Physical Disk Management (PD Mgmt) and Virtual disk management respectively.
93