8

Security key and RAID management

NOTE: The H330 PERC card does not support security key and RAID management features.

Security key implementation

The Dell PowerEdge RAID Controller (PERC) 9 series of cards support Self-Encrypting Disks (SED) for protection of data against loss or theft of SEDs. Protection is achieved by the use of encryption technology on the drives. There is one security key per controller. You can manage the security key under Local Key Management (LKM). The key can be escrowed in to a file using Dell OpenManage storage management application. The security key is used by the controller to lock and unlock access to encryption-capable physical disks. In order to take advantage of this feature, you must:

1.Have SEDs in your system.

2.Create a security key.

Security key management in the BIOS configuration utility

The Dell OpenManage storage management application and the BIOS Configuration Utility (<Ctrl> <R>) of the controller allow security keys to be created and managed as well as create secured virtual disks. The following section describes the menu options specific to security key management and provide detailed instructions to perform the configuration tasks. The contents in the following section apply to the BIOS Configuration Utility (<Ctrl> <R>). For more information on the management applications, see Management Application For PERC Cards.

The Virtual Disk Management screen, VD Mgmt, is the first screen that is displayed when you access a RAID controller from the main menu screen on the BIOS Configuration Utility (<Ctrl> <R>). The following are security-related actions you can perform through the virtual disk management menu:

Security Key Management—Creates, changes, or deletes the security settings on a controller.

Secure Disk Group—Secures all virtual disks in disk group.

The Physical Disk Management screen, PD Mgmt, displays physical disk information and action menus. The following are security-related actions you can perform through the physical disk management menu:

Instant Secure Erase—Permanently erases all data on an encryption-capable physical disk and resets the security attributes.

For more information on the Physical Disk Management screen and Virtual Disk Management screen, see Physical Disk Management (PD Mgmt) and Virtual disk management respectively.

93

Page 92 Page 94
Page 93
Image 93
Dell UCSB-900, UCSE-900, UCSA-901, UCPA-901, UCPB-900 manual Security key and RAID management, Security key implementation
Page 92 Page 94
Top Page Image Contents