Creating a security key – Dell POWERVAULT MD3600I User Manual
Page 77
•
A security key is installed in the storage array.
•
At least one security capable physical disk is installed in the storage array.
•
All of the physical disks that you selected on the Hardware tab are security capable physical disks.
You can erase security enabled physical disks so that you can reuse the drives in another disk group or in another
storage array. When you erase security enabled physical disks, ensure that the data cannot be read. When all of the
physical disks that you have selected in the Physical Disk type pane are security enabled, and none of the selected
physical disks is part of a disk group, the Secure Erase option is displayed in the Hardware menu.
The storage array password protects a storage array from potentially destructive operations by unauthorized users. The
storage array password is independent from self encrypting disk, and should not be confused with the pass phrase that
is used to protect copies of a security key. However, it is good practice to set a storage array password.
Creating A Security Key
When you create a security key, it is generated by and securely stored by the array. You cannot read or view the
security key. A copy of the security key must be kept on some other storage medium for backup in case of system failure
or for transfer to another storage array. A pass phrase that you provide is used to encrypt and decrypt the security key
for storage on other media.
When you create a security key, you also provide information to create a security key identifier. Unlike the security key,
you can read or view the security key identifier. The security key identifier is also stored on a physical disk or
transportable media. The security key identifier is used to identify which key the storage array is using.
To create a security key:
1.
In the AMW, from the menu bar, select Storage Array → Security → Physical Disk Security → Create Key .
2.
Perform one of these actions:
– If the Create Security Key dialog is displayed, go to step 6.
– If the Storage Array Password Not Set or Storage Array Password Too Weak dialog is displayed, go to step
3.
3.
Choose whether to set (or change) the storage array password at this time.
– Click Yes to set or change the storage array password. The Change Password dialog is displayed. Go to
step 4.
– Click No to continue without setting or changing the storage array password. The Create Security Key
dialog is displayed. Go to step 6.
4.
In New password, enter a string for the storage array password. If you are creating the storage array password for
the first time, leave Current password blank. Follow these guidelines for cryptographic strength when you create
the storage array password:
– The password should be between eight and 30 characters long.
– The password should contain at least one uppercase letter.
– The password should contain at least one lowercase letter.
– The password should contain at least one number.
– The password should contain at least one non-alphanumeric character, for example, < > @ +.
5.
In Confirm new password, re-enter the exact string that you entered in New password.
6.
In Security key identifier, enter a string that becomes part of the secure key identifier.
You can enter up to 189 alphanumeric characters without spaces, punctuation, or symbols. Additional characters
are generated automatically and is appended to the end of the string that you enter. The generated characters help
to ensure that the secure key identifier is unique.
7.
Enter a path and file name to save the security key file by doing one of the following:
77