Security key and raid management, Security key implementation, Local key management (lkm) – Dell PowerEdge RAID Controller H710 User Manual
Page 65: 7 security key and raid management
7
Security Key And RAID Management
NOTE: PERC H310 does not support any security implementations.
Security Key Implementation
The Dell PowerEdge RAID Controller (PERC) H710, H710P, and H810 cards support Self-Encrypting Disks (SED) for
protection of data against loss or theft of SEDs. Protection is achieved by the use of encryption technology on the drives.
There is one security key per controller. You can manage the security key under Local Key Management (LKM). The key
can be escrowed in to a file using Dell OpenManage. The security key is used by the controller to lock and unlock
access to encryption-capable physical disks. In order to take advantage of this feature, you must:
1. Have SEDs in your system.
2. Create (LKM) a security key.
Security Key Management In The BIOS Configuration Utility
The Dell OpenManage storage management application and the BIOS Configuration Utility (<Ctrl> <R>) of the controller
allow security keys to be created and managed as well as create secured virtual disks. The following section describes
the menu options specific to security key management and provide detailed instructions to perform the configuration
tasks. The contents of the following section apply to the BIOS Configuration Utility (<Ctrl> <R>). For more information on
the management applications, see the topic
Management Applications For PERC Cards
.
•
The Virtual Disk Management screen, VD Mgmt, is the first screen that is displayed when you access a RAID
controller from the main menu screen on the BIOS Configuration Utility (<Ctrl> <R>). The following are security-
related actions you can perform through the virtual disk management menu:
– Security Key Management—Creates, changes, or deletes the security settings on a controller.
– Secure Disk Group—Secures all Virtual Disks in Disk Group.
•
The Physical Disk Management screen, PD Mgmt, displays physical disk information and action menus. The
following are security-related actions you can perform through the physical disk management menu:
– Instant Secure Erase—Permanently erases all data on an encryption-capable physical disk and resets
the security attributes.
For more information on the Physical Disk Management screen and Virtual Disk Management screen, see the topics
Physical Disk Management (PD Mgmt)
respectively.
Local Key Management (LKM)
You can use LKM to generate the key ID and the passphrase required to secure the virtual disk. You can secure virtual
disks, change security keys and manage secured foreign configurations using this security mode.
NOTE: Under LKM, you are prompted for a passphrase when you create the key.
65