Fde Drive Status - IBM System Storage DS3500 Introduction And Implementation Manual

Draft Document for Review March 28, 2011 12:24 pm
The secure erase process is shown in Figure 15-23.
Figure 15-23 Secure erase process
Warning: All data on the disk will be permanently and irrevocably erased when the secure
erase operation is completed for a security-enabled FDE drive. Do not perform this action
unless you are sure that you want to erase the data, as there is no recovery.
Secure erase can only be performed on drives that are not allocated to an array. The process
is also referred to as re-provisioning, where:
The FDE drive becomes fully reusable.
The drive can be reused in secure or non-secure applications.
Previous data and keys are not accessible.
It executes in less than a second.
It returns the drive to the original factory state.

15.4.4 FDE drive status

The FDE drives have a status indicating whether the disk can be accessed. The statuses are:
Locked
– The drive is security capable.
– The drive has security enabled.
– The lock key has not been supplied to the drive.
– Data cannot be read or written from drive.
Unlocked
– The drive is security capable.
– The drive has security enabled.
– The lock key has been supplied to the drive.
– Data can be read or written from drive.
Writing to the Drive
Encryption Process
The quick brown fox
jumps over the lazy dog
User Data
Data
Encryption
Key
%$#@βδελιφφυιλσκδ%
$#@j&&6544IY899#@&$
Data on Drive
Instant Secure
Erase
Change Data Encryption
Key
Chapter 15. Disk Security with Full Disk Encryption drives
7914FDE.fm
Reading from the Drive
Decryption Process
±
!
Data Read from Drive
New Data
Encryption
Key
%$#@βδελιφφυιλσκδ%
$#@j&&6544IY899#@&$
Data on Drive
471