When are data encryption license keys needed, Primary and secondary data encryption license keys – HP XP7 Storage User Manual

Page 7

Advertising
background image

Specification

Item

Free: The unused key before allocating the
encryption license key.

DEK: The encryption license key. The key for the
encryption of the stored data.

CEK: The certificate encryption key. The key for
the encryption of the certificate and the key for
the encryption of DEK per HDD.

KEK: Key Encryption Key. The key for the
encryption of the CEK.

Redundant (P-VOL and S-VOL) backup/restore
copies.

Backup/Restore functionality

When are data encryption license keys needed

After you have completed the encryption environmental settings, you will need data encryption
license keys to work on the following operations:

Increasing drives

A Free key is needed for each drive to allocate a DEK key.

Replacing drives

A Free key is needed for each drive to change a DEK key.

Increasing, decreasing, or replacing disk adapters.

6 Free keys are needed for each disk adapter to create 4 CEK keys and 2 keys to register
CEK keys.

Updating CEK keys

4 Free keys for each disk adapter (32 Free keys per a storage system) are needed to change
CEK keys.

If a problem occurs in the middle of an operation, extra keys might be needed to recover from
it.

Primary and secondary data encryption license keys

The HP XP7 Storage system uses the DKA Encryption feature to set up the data encryption license
keys to encrypt and decrypt data.

You can use the DKA Encryption feature to back up data encryption license keys. The HP XP7
Storage system automatically creates a primary backup of the data encryption license key, and
stores this backup on each MP package.

You can create a secondary backup data encryption license key. The secondary backup is required
to restore the key if the primary backup is unavailable.

Hitachi Data Systems recommends that you back up each key or group of keys immediately after
you create them. You are responsible for storing the secondary backup securely. Schedule regular
backups for all keys at the same time one time every week to ensure data availability.

In addition, it is recommended that you back up each key after you perform any of the following
operations:

Creating encryption license keys.

Increasing, decreasing, or replacing drives.

Increasing, decreasing, or replacing disk adapters.

When are data encryption license keys needed

7

Advertising
This manual is related to the following products:

XP Racks

Popular Brands
Popular manuals