Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC9 - 3.3x Series

Creating a secure virtual disk on a RAID controller

Make sure that the controller is set to use either Local Key Management (LKM) or Secure Enterprise Key Manager (SEKM).

To create a secure virtual disk on a RAID controller:

1. Start Lifecycle Controller. For more information, see Starting Lifecycle Controller.

2. In the left pane, click Hardware Configuration.

3. In the right pane, click Configuration Wizards.

4. Under Storage Configuration Wizards, click RAID Configuration to launch the wizard.

The View Current RAID Configuration and Select Controller page is displayed along with the information on whether the

displayed virtual disk is secure.

NOTE: PERC controller name will be associated with phrase SEKM, if the controller is set to Secure Enterprise Key

Manager (SEKM) mode.

5. Select a security capable controller and click Next.

If the non-RAID disks are attached to the selected controller, select the non-RAID physical disk-drives, and then click Next to initialize

them. Else, the Select RAID Level page is displayed.

NOTE:

During initialization, all the data on the non-RAID disk drives are deleted.

6. Select the RAID level and click Next.

The Select Physical Disks page is displayed.

NOTE: Create boot virtual disks only from disk drives populated across slots 0–3 of the system. For slot information,

see the system Owner’s Manual.

7. From the Encryption Capability drop-down menu, select Self-encryption.

The self-encryption disks (SEDs) are displayed.

8. Select the SEDs and specify the properties, and then click Next.

The Virtual Disk Attributes page is displayed.

9. Select the virtual disk parameters, select the Secure Virtual Disk option, and click Next.

The Summary page is displayed.

10. To apply the RAID configuration, click Finish.

Key encryption

Use the Key Encryption feature to:

• Apply local encryption for PERC H730, H730P, H740, H740P, H840 RAID controllers.

• Delete the local encryption key.

• Encrypt the existing unsecure virtual drives.

• To change an existing encryption key to another one.

NOTE:

When PERC controllers H740 and H740P are set to Secure Enterprise Key Manager (SEKM) mode, they will not

be listed under Key Encryption feature.

Applying the local key on a RAID controller

Before applying the local key on a RAID controller, make sure that the controller is security-capable.

To apply the local key on a RAID controller:

1. Start Lifecycle Controller. For more information, see Starting Lifecycle Controller.

2. In the left pane, click Hardware Configuration.

3. In the right pane, click Configuration Wizards.

4. Under Storage Configuration wizards, click Key Encryption.

5. Select the controller to apply a local key and click Next.

6. Click Set up local key encryption and click Next.

NOTE:

Some controller options are disabled if they do not support encryption.

7. Enter the Encryption Key Identifier that is associated with the entered passphrase.

The Encryption Key Identifier is a passphrase hint; you must enter the passphrase when Lifecycle Controller prompts this hint.

Configure