beautypg.com

7 enhancing security with dar encryption, Enabling dar encryption – HP 3PAR Operating System Software User Manual

Page 86

background image

7 Enhancing Security with DAR Encryption

Data-At-Rest (DAR) Encryption allows you to encrypt all hard drives on the storage system with an
authentication key and the use of Self Encrypting Drives (SEDs). This feature, available on StoreServ
7000 and 10000 systems, allows you to perform the following Encryption-related tasks:

Verify Encryption status

Enable Encryption

Back up an authentication key

Restore an authentication key

Generate a new key

Recover a key

A DAR license is required to enable this feature, and all disks to be encrypted are required to be
Self-encrypting drives (SEDs). When a DAR license is added to the storage system, SEDs are
encrypted or decrypted automatically. Once the system's encryption feature has been enabled
(activated), the storage system reports its status as encrypted. You are then able to review the
Encryption status under the System Summary tab and when viewing individual physical disks.

Enabling DAR Encryption

To enable DAR Encryption:
1.

Select Systems in the Manager Pane, click Encryption in the Main Toolbar, then select Enable.
Alternately, in the Menu Bar you can select Actions > Encryption > Enable.

The Enable Encryption and Back Up Authentication Key dialog appears.

2.

Enter the file name and location for the key file, or click Browse to navigate to a file, then click
Save to return to the dialog. The Key File text box is populated with the selected path to the
file.

WARNING!

Save the key backup file to external media (CD, external hard drive, server,

and so on) and store this media in a safe location. You must use the key backup file and its
password to recover the authentication key in case of an unforeseen event. If you do not back
up the key, or if you are unable to access the key backup file, you risk losing the data on all
your storage system’s hard drives.

86

Enhancing Security with DAR Encryption