beautypg.com

1 dka encryption overview, Dka encryption benefits, Dka encryption support specifications – HP StorageWorks XP Data Integrity Check XP Software User Manual

Page 6: Primary and secondary data encryption license keys

background image

1 DKA Encryption Overview

To guarantee the security of the data, use the DKA Encryption (EDKA) feature to store encrypted
data in an LDEV and encrypt them. The EDKA feature provides redundant backup and restore
capabilities to ensure data availability.

DKA Encryption benefits

Encrypting data can prevent information loss or leaks if a disk drive is physically removed from
the system. Failure, loss, or theft are the most common reasons for information loss.

The following lists the benefits of using the EDKA feature:

Hardware-based AES 256 encryption in XTS mode for open and mainframe systems.

You can apply encryption to some or all of the internal drives without throughput or latency
impacts for data I/O and little to no disruption to existing applications and infrastructure.

Simplified and integrated key management that does note require specialized key management
infrastructure.

Data-center friendliness. The EDKA feature:

Uses little additional power (equivalent of one 25 watt light bulb).

Produces negligible amounts of additional heat.

Does not require additional rack space.

DKA Encryption support specifications

The following table lists the DKA feature’s support specifications.

Specification

Item

Advanced Encryption Standard (AES) 256 bit.

Encryption algorithm

Hardware
specifications

XTS mode.

Encryption mode

Open, mainframe, multiplatform

Volume type

LDEVs that you can
encrypt

All emulation types including OPEN-V and
3390-x.

Emulation type

Internal LDEVs only.

Internal/external LDEVs

Supported. Requires data migration.

LDEV with existing data

Use Remote Web Console (RWC) to create the
data encryption license key.

Creating data encryption license keys

Managing data
encryption license keys

Use RWC to delete data encryption license keys.

Deleting data encryption license keys

32 data encryption license keys per storage
system.

Scope of data encryption license keys

Parity group.

Unit of encryption/decryption

Redundant (P-VOL and S-VOL) backup/restore
copies.

Backup/Restore functionality

Primary and secondary data encryption license keys

The P9500 storage system uses the EDKA feature to set up the data encryption license keys to
encrypt and decrypt data.

6

DKA Encryption Overview

This manual is related to the following products:
See also other documents in the category HP Storage: