Seagate ST2000NM0063 manual Sanitize Cryptographic Erase

Models: ST2000NM0063


8.5 DATA BANDS

When shipped from the factory, the drive is configured with a single data band called Band 0 (also known as the Global Data Band), which comprises LBA 0 through LBA max. The host may allocate Band1 by specifying a start LBA and an LBA range. The real estate for this band is taken from the Global Band. An additional 14 Data Bands may be defined in a similar way (Band2 through Band15), but before these bands can be allocated LBA space, they must first be individually enabled using the EraseMaster password.

Data bands cannot overlap but they can be sequential with one band ending at LBA (x) and the next beginning at LBA (x+1).

Each data band has its own drive-generated encryption key and its own user-supplied password. The host may change the Encryption Key (see Section 8.6) or the password when required. The bands should be aligned to 4K LBA boundaries.
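The band rules above can be checked on paper before any band is configured on a drive. The following is an added example, not code from the Seagate manual; the `Band` class, the function names, the sample LBA values, and the reading of "4K" as 4096 bytes with a configurable block size are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Band:
    number: int      # Band1..Band15; Band 0 is the global band and is not listed
    start_lba: int
    length: int      # LBA range, in blocks

    @property
    def end_lba(self):
        return self.start_lba + self.length - 1

def check_bands(bands, lba_max, block_size=512, align_bytes=4096):
    """Return a list of problems with a proposed band layout (empty means OK)."""
    problems = []
    per_unit = max(1, align_bytes // block_size)   # blocks per alignment unit
    for b in bands:
        if not 1 <= b.number <= 15:
            problems.append(f"Band{b.number}: only Band1..Band15 can be allocated")
        if b.start_lba < 0 or b.length <= 0 or b.end_lba > lba_max:
            problems.append(f"Band{b.number}: range outside LBA 0..{lba_max}")
        if b.start_lba % per_unit or b.length % per_unit:
            problems.append(f"Band{b.number}: not aligned to {align_bytes} bytes")
    ordered = sorted(bands, key=lambda b: b.start_lba)
    for prev, cur in zip(ordered, ordered[1:]):
        # Ending at LBA x and starting at x+1 is allowed; sharing an LBA is not.
        if cur.start_lba <= prev.end_lba:
            problems.append(f"Band{prev.number} and Band{cur.number} overlap")
    return problems

def global_band_remainder(bands, lba_max):
    """LBAs left in Band 0 once a valid (non-overlapping) layout is carved out."""
    return lba_max + 1 - sum(b.length for b in bands)

# Constructed sample values, not taken from the manual.
SAMPLE_LBA_MAX = 3907029167
GOOD = [Band(1, 0, 2048), Band(2, 2048, 4096)]   # sequential: x, then x+1
BAD = [Band(1, 0, 2048), Band(2, 2047, 8)]       # shares LBA 2047, misaligned

if __name__ == "__main__":
    print(check_bands(GOOD, SAMPLE_LBA_MAX))
    print(check_bands(BAD, SAMPLE_LBA_MAX))
```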

8.6 CRYPTOGRAPHIC ERASE

A significant feature of SEDs is the ability to perform a cryptographic erase. This involves the host telling the drive to change the data encryption key for a particular band. Once changed, the data is no longer recoverable since it was written with one key and will be read using a different key. Since the drive overwrites the old key with the new one, and keeps no history of key changes, the user data can never be recovered. This is tantamount to an instantaneous data erase and is very useful if the drive is to be scrapped or redispositioned.

8.7 AUTHENTICATED FIRMWARE DOWNLOAD

In addition to providing a locking mechanism to prevent unwanted firmware download attempts, the drive also only accepts download files which have been cryptographically signed by the appropriate Seagate Design Center.

Three conditions must be met before the drive will allow the download operation:

1. The download must be an SED file. A standard (base) drive (non-SED) file will be rejected.

2. The download file must be signed and authenticated.

3. As with a non-SED drive, the download file must pass the acceptance criteria for the drive. For example, it must be applicable to the correct drive model, and have compatible revision and customer status.

8.8 POWER REQUIREMENTS

The standard drive models and the SED drive models have identical hardware; however, the security and encryption portion of the drive controller ASIC is enabled and functional in the SED models. This represents a small additional drain on the 5V supply of about 30mA and a commensurate increase of about 150mW in power consumption. There is no additional drain on the 12V supply. See the tables in Section 6.3 for power requirements on the standard (non-SED) drive models.

8.9 SUPPORTED COMMANDS

The SED models support the following two commands in addition to the commands supported by the standard (non-SED) models as listed in Table 8:

Security Protocol Out (B5h)

Security Protocol In (A2h)

8.10 SANITIZE - CRYPTOGRAPHIC ERASE

This command cryptographically erases all user data on the drive by destroying the current data encryption key and replacing it with a new data encryption key randomly generated by the drive. Sanitize CRYPTOGRAPHIC ERASE is issued as SCSI CDB op code 48h with service action code 3 (CRYPTOGRAPHIC ERASE) selected.
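When auditing a SCSI command trace from a host that manages SEDs, the commands named in Sections 8.9 and 8.10 can be recognised from the raw CDB bytes. The decoder below is an added example, not code from the Seagate manual; the field layouts follow the SCSI SBC-3 and SPC-4 command definitions, and the function names and the sample trace are constructed for illustration.

```python
import struct

SANITIZE, SECURITY_PROTOCOL_IN, SECURITY_PROTOCOL_OUT = 0x48, 0xA2, 0xB5
# SANITIZE service actions as defined in SBC-3; the manual names only 03h.
SANITIZE_ACTIONS = {0x01: "OVERWRITE", 0x02: "BLOCK ERASE",
                    0x03: "CRYPTOGRAPHIC ERASE", 0x1F: "EXIT FAILURE MODE"}

def decode_cdb(cdb: bytes) -> dict:
    """Decode the commands named in Sections 8.9 and 8.10 from a raw CDB."""
    if not cdb:
        raise ValueError("empty CDB")
    op = cdb[0]
    if op == SANITIZE:
        if len(cdb) != 10:
            raise ValueError("SANITIZE is a 10-byte CDB")
        action = cdb[1] & 0x1F                     # service action: bits 4..0
        return {"command": "SANITIZE",
                "service_action": SANITIZE_ACTIONS.get(action, "reserved"),
                "immed": bool(cdb[1] & 0x80),      # status returned before completion
                "ause": bool(cdb[1] & 0x20),       # allow unrestricted sanitize exit
                "parameter_list_length": struct.unpack(">H", cdb[7:9])[0],
                "destroys_data": action in (0x01, 0x02, 0x03)}
    if op in (SECURITY_PROTOCOL_IN, SECURITY_PROTOCOL_OUT):
        if len(cdb) != 12:
            raise ValueError("SECURITY PROTOCOL IN/OUT is a 12-byte CDB")
        name = "IN" if op == SECURITY_PROTOCOL_IN else "OUT"
        return {"command": "SECURITY PROTOCOL " + name,
                "security_protocol": cdb[1],       # 01h is assigned to the TCG
                "protocol_specific": struct.unpack(">H", cdb[2:4])[0],
                "inc_512": bool(cdb[4] & 0x80),    # length counted in 512-byte units
                "length": struct.unpack(">I", cdb[6:10])[0],
                # The effect of a TCG method (for example RevertSP) is in the
                # data payload, not the CDB, so it cannot be judged from here.
                "destroys_data": None}
    return {"command": f"other ({op:#04x})", "destroys_data": False}

def destructive_commands(trace):
    """Indexes of CDBs in a trace that erase user data on their own."""
    return [i for i, cdb in enumerate(trace) if decode_cdb(cdb)["destroys_data"]]

# Constructed sample trace: READ(10), SECURITY PROTOCOL IN, SANITIZE crypto erase.
SAMPLE_TRACE = [bytes.fromhex("28000000080000000800"),
                bytes.fromhex("a20100010000000002000000"),
                bytes.fromhex("48030000000000000000")]

if __name__ == "__main__":
    for cdb in SAMPLE_TRACE:
        print(cdb.hex(), decode_cdb(cdb))
```

A SECURITY PROTOCOL OUT entry is reported with `destroys_data` set to `None` because the CDB alone does not show which TCG method the payload carries.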

8.11 REVERTSP

The SED models support the RevertSP feature, which erases all data in all bands on the device and returns the contents of all SPs (Security Providers) on the device to their original factory state. In order to execute the RevertSP method, the unique PSID (Physical Secure ID) printed on the drive label must be provided. The PSID is not electronically accessible and can only be manually read from the drive label or scanned in via the 2D barcode.

CONSTELLATION ES.1 SAS PRODUCT MANUAL, REV. G


ST2000NM0063 specifications

The Seagate ST2000NM0063 is a high-performance internal hard disk drive designed for enterprise environments, offering a robust solution for those requiring reliable data storage. With a storage capacity of 2TB, this drive is ideal for both small and large enterprises, catering to applications ranging from data centers to surveillance systems.

One of the main features of the ST2000NM0063 is its 7200 RPM rotational speed, which ensures rapid data access and improved overall performance. This speed allows for faster read and write times, making it suitable for applications that demand quick data retrieval and processing. The drive supports a SATA 6Gb/s interface, which provides enhanced data transfer rates. This modern interface is essential for maximizing throughput, particularly when deployed in environments where speed is critical.

In terms of technology, the Seagate ST2000NM0063 utilizes Advanced Format Technology, enhancing data storage efficiency and increasing the number of user-addressable sectors. This feature allows for better alignment of data on the drive, which can lead to improved performance and reliability. Additionally, the drive incorporates the Seagate PowerChoice technology, enabling energy-efficient operations. This technology helps reduce power consumption during idle periods, contributing to lower operating costs and a smaller carbon footprint.

The ST2000NM0063 also emphasizes data integrity and reliability. Equipped with features such as error recovery control and vibration tolerance, this drive is designed to operate in challenging conditions. These attributes make it an excellent choice for RAID configurations and other enterprise applications that require high data availability and protection against data loss.

Furthermore, the ST2000NM0063 has a mean time between failures (MTBF) rating of 1.2 million hours, signifying its durability and long lifespan. This reliability is crucial for critical business applications where downtime is not an option.

In summary, the Seagate ST2000NM0063 combines high capacity, excellent performance, and advanced technologies to meet the demanding needs of enterprise storage. Its reliability, efficiency, and robust features make it a preferred choice for organizations looking to enhance their data storage solutions while ensuring optimal performance and longevity. Whether utilized in cloud storage, surveillance, or data center applications, this hard drive stands out as a dependable component in any IT infrastructure.