Validate security key, Unlocking secure physical disks, Erasing secure physical disks – Dell POWERVAULT MD3600I User Manual
Page 80: Configuring hot spare physical disks
Make a record of the pass phrase you entered. You need it for later secure operations.
5.
Click Save.
6.
Make a record of the security key identifier and the file name from the Save Security Key Complete dialog, and click
OK.
Validate Security Key
A file in which a security key is stored is validated through the Validate Security Key dialog. To transfer, archive, or back
up the security key, the RAID controller module firmware encrypts (or wraps) the security key and stores it in a file. You
must provide a pass phrase and identify the corresponding file to decrypt the file and recover the security key.
Data can be read from a security enabled physical disk only if a RAID controller module in the storage array provides the
correct security key. If security enabled physical disks are moved from one storage array to another, the appropriate
security key must also be imported to the new storage array. Otherwise, the data on the security enabled physical disks
that were moved is inaccessible.
See the online help topics for more information on validating the security key.
Unlocking Secure Physical Disks
You can export a security enabled disk group to move the associated physical disks to a different storage array. After
you install those physical disks in the new storage array, you must unlock the physical disks before data can be read
from or written to the physical disks. To unlock the physical disks, you must supply the security key from the original
storage array. The security key on the new storage array is different and cannot unlock the physical disks.
You must supply the security key from a security key file that was saved on the original storage array. You must provide
the pass phrase that was used to encrypt the security key file to extract the security key from this file.
For more information, see the online help topics.
Erasing Secure Physical Disks
In the AMW, when you select a security enabled physical disk that is not part of a disk group, the Secure Erase menu
item is enabled on the Physical Disk menu. You can use the secure erase procedure to re-provision a physical disk. You
can use the Secure Erase option if you want to remove all of the data on the physical disk and reset the physical disk
security attributes.
CAUTION: Possible loss of data access—The Secure Erase option removes all of the data that is currently on the
physical disk. This action cannot be undone.
Before you complete this option, make sure that the physical disk that you have selected is the correct physical disk.
You cannot recover any of the data that is currently on the physical disk.
After you complete the secure erase procedure, the physical disk is available for use in another disk group or in another
storage array. See the online help topics for more information on the secure erase procedure.
Configuring Hot Spare Physical Disks
Guidelines to configure host spare physical disks:
CAUTION: If a hot spare physical disk does not have Optimal status, follow the Recovery Guru procedures to
correct the problem before you try to unassign the physical disk. You cannot assign a hot spare physical disk if it is
in use (taking over for a failed physical disk).
•
You can use only unassigned physical disks with Optimal status as hot spare physical disks.
80