Users Guide
Security key and RAID management
NOTE: The H330 PERC card does not support security key and RAID management features.
Topics:
• Security key implementation
• Security key management in the BIOS conguration utility
Security key implementation
The Dell PowerEdge RAID Controller (PERC) 9 series of cards support Self-Encrypting Disks (SED) for protection of data against loss or
theft of SEDs. Protection is achieved by the use of encryption technology on the drives. There is one security key per controller. You can
manage the security key under Local Key Management (LKM). The key can be escrowed in to a le using Dell OpenManage storage
management application. The security key is used by the controller to lock and unlock access to encryption-capable physical disks. In order
to take advantage of this feature, you must:
1 Have SEDs in your system.
2 Create a security key.
Security key management in the BIOS conguration
utility
The Dell OpenManage storage management application and the BIOS Conguration Utility (<Ctrl> <R>) of the controller allow security
keys to be created and managed as well as create secured virtual disks. The following section describes the menu options specic to
security key management and provide detailed instructions to perform the conguration tasks. The contents in the following section apply
to the BIOS Conguration Utility (<Ctrl> <R>). For more information on the management applications, see Management Application For
PERC Cards.
• The Virtual Disk Management screen, VD Mgmt, is the rst screen that is displayed when you access a RAID controller from the main
menu screen on the BIOS Conguration Utility (<Ctrl> <R>). The following are security-related actions you can perform through the
virtual disk management menu:
– Security Key Management—Creates, changes, or deletes the security settings on a controller.
– Secure Disk Group—Secures all virtual disks in disk group.
• The Physical Disk Management screen, PD Mgmt, displays physical disk information and action menus. The following are security-
related actions you can perform through the physical disk management menu:
– Secure Erase—Permanently erases all data on an encryption-capable physical disk and resets the security attributes.
For more information on the Physical Disk Management screen and the Virtual Disk Management screen, see Physical Disk Management
(PD Mgmt) and Virtual disk management respectively.
Local Key Management
You can use Local Key Management (LKM) to generate the key ID and the passphrase required to secure the virtual disk. You can secure
virtual disks, change security keys, and manage secured foreign congurations using this security mode.
8
Security key and RAID management 93