Validate security key, Unlocking secure physical disks, Erasing secure physical disks – Dell PowerVault MD3200i User Manual
Page 122
122
Configuration: Disk Groups and Virtual Disks
Validate Security Key
A file in which a security key is stored is validated through the Validate
Security Key dialog. To transfer, archive, or back up the security key, the RAID
controller module firmware encrypts (or wraps) the security key and stores it
in a file. You must provide a pass phrase and identify the corresponding file to
decrypt the file and recover the security key.
Data can be read from a security enabled physical disk only if a RAID
controller module in the storage array provides the correct security key. If
security enabled physical disks are moved from one storage array to another,
the appropriate security key must also be imported to the new storage array.
Otherwise, the data on the security enabled physical disks that were moved is
inaccessible.
For more information on validating the security key, see the PowerVault
Modular Disk Storage Manager online help topics.
Unlocking Secure Physical Disks
You can export a security-enabled disk group to move the associated physical
disks to a different storage array. After you install those physical disks in the
new storage array, you must unlock the physical disks before data can be read
from or written to the physical disks. To unlock the physical disks, you must
supply the security key from the original storage array. The security key on the
new storage array is different and cannot unlock the physical disks.
You must supply the security key from a security key file that was saved on the
original storage array. You must provide the pass phrase that was used to
encrypt the security key file to extract the security key from this file.
For more information, see the PowerVault Modular Disk Storage Manager
online help topics.
Erasing Secure Physical Disks
In the AMW, when you select a security enabled physical disk that is not part
of a disk group, the Secure Erase menu item is enabled on the Physical Disk
menu. You can use the secure erase procedure to re-provision a physical disk.
You can use the Secure Erase option if you want to remove all of the data on
the physical disk and reset the physical disk security attributes.
CAUTION:
Possible loss of data access – The Secure Erase option removes all of
the data that is currently on the physical disk. This action cannot be undone.
book.book Page 122 Tuesday, June 18, 2013 3:15 PM