Self-Encrypting Drive - HP MR Gen10 Plus User Manual

Table of Contents

Self-Encrypting Drive

The HPE MR Gen10 Plus Controller supports Self-Encrypting Drive (SED) that secures the drive data from unauthorized access or

modification of data. As the data on the drive is encrypted even if the SED drive is removed from its storage system, it cannot be

accessed without appropriate security authorization.

Passive Key Management

To use passive key management, enable the SED drive as JBOD and expose the drive to OS. This method allows you to manage SED

using third-party key management like SEDutil. SED monitoring is also available in MR Storage Administrator, Storage Command Line

Interface (StorCLI) tool, and configuration utility in UEFI System Utilities..

Local Key Management

You can enable SED drive security for local key management using the MR Storage Administrator, StorCLI tool, and configuration utility

in UEFI System Utilities. You must provide a controller-wide security key identify and security key. While boot up, the security key

stored in the controller is used to unlock the drive. Whenever the drive is powered down, the security enabled drive data encryption key

is locked. This action protects the drives or systems against any theft.

Remote Key Management

Remote key management is also known as external key management.

NOTE:

You can enable SED drive security for remote key management using the configuration utility in UEFI System Utilities.

For more information, see Enabling Drive Security .

The configuration utility in UEFI System Utilities works with iLO key manager to create the security key identify and security key in the

remote key manager server. iLO key manager needs to be configured before enabling remote key management in the configuration

utility. Whenever the drive is powered down, the security enabled drive data encryption key is locked. While boot up, the security key is

retrieved from the remote key manager server to unlock the drive.

Self-Encrypting Drive

Table of Contents