Additional Secure Disk Functions; Changing The Security Key - IBM System Storage DS3500 Introduction And Implementation Manual
Hide thumbs
Also See for System Storage DS3500:
- Installation, user's, and maintenance manual (222 pages) ,
- Installation, user & maintenance manual (180 pages) ,
- Quick start manual (18 pages)
Table of Contents
Advertisement
7914FDE.fm
The array is now secured, as indicated by the padlock in a locked position, as shown in
Figure 15-17.
Figure 15-17 Array is now secured with Disk Security enabled
15.4 Additional secure disk functions
In the following sections, we discuss the following functions:
Changing the security key
Saving the security key file
Secure disk erase
FDE drive status
Hot spare drives
15.4.1 Changing the security key
The security key can be changed if the details of the existing key be corrupted or the pass
phrase forgotten, provided that there are no outstanding Secure Disk communications
between the FDE drives and Disk Encryption Manager (for example, if a disk is in a "locked"
state). Because the disk encryption key never leaves the disk, you might want to periodically
change the encryption key, the way a user might periodically change the administrative
password to an operating system. This depends on the organization's security guidelines.
The process to change the security key is very similar to that of creating it initially. To change
the key, select, in the top left hand corner of the Storage Manager menu, Storage
Subsystem Drive Security Change Security Key. The confirmation window to change
the security opens as in Figure 15-18 on page 467
466
IBM System Storage DS3500: Introduction and Implementation Guide
Draft Document for Review March 28, 2011 12:24 pm
Advertisement
Table of Contents
Troubleshooting
