Data Encryption - Fujitsu ETERNUS DX80 S2 User Manual

Disk storage system

Hide thumbs Also See for ETERNUS DX80 S2:

Cli user's manual (756 pages)

User's manual & installation instructions (147 pages)

User manual (144 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

Table of Contents

Chapter 3 Setup

3.4 Data Encryption

3.4

Data Encryption

Encrypting data as it is being written to the drive prevents information leakage caused by fraudulent

decoding.

Even if a drive is removed and stolen by malicious third parties, data cannot be decoded.

The encryption function only encrypts the data stored on the drives, so server access results in the

transmission of plain text. Therefore, this function is effective against leakage of data being transferred via

sneaker net, but has no effect on data leakage via server access.

The following two types of data encryption are supported:

•

Self Encrypting Drive function

This function encrypts data by using Self Encrypting Drives (SEDs).

SEDs are locked the instant that they are removed from the storage system, which ensures no data is read

or written with these drives. This encryption prevents information leakage from drives that are stolen or

replaced for maintenance. This function also reduces discarding costs because SEDs do not need to be

physically destroyed.

•

Volume conversion encryption function

This function encrypts data on a volume basis by using the firmware of the ETERNUS DX Disk storage

system.

Encryption can be performed in volume units according to the importance of the data. No additional

hardware is required to perform volume encryption.

The restrictions and notes on encrypting data are described below.

■

Self Encrypting Drive function

For the procedure to perform data encryption using Self Encrypting Drives (SEDs), refer to "ETERNUS Web GUI

User's Guide" or "ETERNUS CLI User's Guide".

•

is installed without registering the SED authentication key, data leakage in a SED that is removed may

occur.

•

The common key can only be set once in the ETERNUS DX Disk storage system. This key can be used for all

the SEDs that are installed in the ETERNUS DX Disk storage system. The common key cannot be changed or

deleted after being set. The common key is used to authenticate RAID groups when key management

server linkage is not used.

ETERNUS DX80 S2/DX90 S2 Disk storage system User's Guide -Operation-

P3AM-4842-12ENZ0

Table of Contents

This manual is also suitable for:

Eternus dx90 s2

Data Encryption - Fujitsu ETERNUS DX80 S2 User Manual

3.4 Data Encryption

Related Manuals for Fujitsu ETERNUS DX80 S2

Related Content for Fujitsu ETERNUS DX80 S2

This manual is also suitable for:

Table of Contents