Intel Optane DC Persistent Memory - Configuration and Setup White Paper

ManualsBrandsHP ManualsDesktopsHP Z6 G4 Workstation

17TECHNICAL WHITE PAPER

3. Select for how many reboots (1-5) you want to keep the NVDIMMs unfrozen.

4. Save and Exit.

Secure Erase

1. Secure Erase works by deleting the internal encryption key and generating a new one, which instantly

crypto-scrambles/randomizes all existing user data in the DCPMM and marking the contents as erased.

The contents are then sampled for validation.

2. Secure Erase follows NIST SP 800-88 rev.1 and ISO-IEC 27040.

3. If Transparent Unlock is enabled, you must disable it rst (see above).

4. If Namespaces are enabled, you must delete them rst (see above).

5. Security > Hard Drive Utilities > Secure Erase.

6. In the “Select a Drive” list, select the rst DCPMM to erase.

7. Select “Continue”.

8. If there is no passphrase on the DCPMM at this point, you must create one so that the contents stay protected

in case the secure erase operation aborts. “Please enter a DriveLock password to allow the drive to be erased.”

Re-enter the passphrase to conrm.

9. The actual erase process takes under a second.

10. Repeat for all DCPMMs to erase.

Statement of Volatility

Like other memory and storage devices, the DCPMM will retain information after the system is shut down. When

clearing the info from a module, it is important to clear both types of Non-Volatile memory on the module:

1. Like DRAM memory, the DCPMM contains an SPD. The SPD memory will not be modied during standard

operation of the workstation system. It will not hold any user data or settings. This NVM memory could

potentially be vulnerable due to the fact that it can be modied freely using third party tools. If there is

a possible that the SPD region has been tampered with, HP recommends either re-writing the SPED with

third party tools.

2. DCPMM also contains storage media that can be cleared using the Secure Erase process outline above.

If there are concerns around retaining information on the module, destroy the DCPMM.

DCPMM System Management Tasks

Migrating DCPMMs

Migrating DCPMMs without data retention

When moving a set of DCPMMs to another system, the recommended procedure is to back up all data, recongure

the DCPMM, then restore the data to the DCPMM. In Memory Mode it is not necessary to back up and restore

as there is no persistent data on the DCPMMs.

1. Back up all data from the DCPMM if they are in a Persistent Memory mode.

2. Install the DRAM in the new system in same conguration as the previous system (or following the conguration

rules in Appendix G).

3. Power on the system. Update BIOS to the latest version.

4. Move the DCPMMs from the previous system to the new system in exactly the same conguration noting which

DCPMMs are in which DIMM slots (following the conguration rules in Appendix G).

5. Go into F10 Setup and recongure the DCPMMs in Advanced -> NVDIMM Conguration.

6. Complete the conguration following the steps in the section “Conguring DCPMM – BIOS F10 Setup”.

7. Restore all data back to the storage volume(s) on the DCPMMs.

Migrating DCPMMs with data retention

If it is necessary to move DCPMMs in a Persistent Memory mode and retain the data on the DCPMM follow these

steps. This is the procedure to use when replacing the motherboard.

1. The DRAM in the new system must be in the same conguration and DIMM slots as the old system.

2. If Transparent Unlock is enabled (see Appendix E), export the current passphrases to a USB stick.

3. Turn AC power o. Remove the DCPMMs from the source workstation, and for each one note down the DIMM

slot it came from and the last digits of the serial number.

CONTENTS & NAVIGATION

Introduction

DCPMM Security

Overview

System Requirements

System Setup Overview

Appendices