HP XP7 Volume Shredder for Open and Mainframe Systems User Guide Abstract This document describes and provides instructions for using the Volume Shredder secure erase software for the HP XP7 storage system.
© Copyright 2014 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Contents 1 Overview of Volume Shredder......................................................................4 Data security practices and Volume Shredder...............................................................................4 Supported volume types............................................................................................................4 Volume Shredder operations......................................................................................................4 Shredding times.
1 Overview of Volume Shredder This chapter provides an overview of Volume Shredder operations on the HP XP7 Storage system. Data security practices and Volume Shredder The Volume Shredder software on Remote Web Console enables you to securely erase data on volumes in the HP XP7 by overwriting existing data to prevent restoration of the erased data. For example, when the user of a volume changes, you may want to purge the data stored by the previous user before giving access to the new user.
You can configure Volume Shredder to overwrite data from three to eight times, and each time the system overwrites the data you can configure the dummy data to be any hexadecimal number from 0 to FFFF. After the system finishes overwriting data, you can view the results in the user interface or, if configured, you can open the compressed results files. We recommend that you execute the shredding function at times of day when the host I/O load is lowest.
Rotation per minute RAID level RAID 6 10 Krpm 6D+2P 35 minutes 14D+2P 20 minutes RAID 1 2D+2D 110 minutes RAID 5 3D+1P 70 minutes 7D+1P 35 minutes 6D+2P 35 minutes 14D+2P 20 minutes RAID 1 2D+2D 185 minutes RAID 5 3D+1P 120 minutes 7D+1P 50 minutes 6D+2P 65 minutes 14D+2P 25 minutes RAID 6 7.2Krpm Standard required time* RAID 6 *Data drive capacity is assumed to be 1 TB.
configurations, you should arrange the drives into those with the same standard required times, and then add drives starting with those volume types requiring the least shredding time. Fibre-channel connectivity is required for both mainframe and open- systems volumes.
2 Volume Shredder operations This chapter describes and provides instructions for performing Volume Shredder operations: Workflow for shredding Use the following workflow to shred volumes using Volume Shredder: 1. “Viewing shredding status with the Logical Device window” (page 13) (Volume status should be Normal.) 2. “Blocking a volume” (page 8) 3. “Calculating the number of overwrite passes for flash drives” (page 9) if you are shredding a volume on a flash drive.
Blocking volumes in a parity group You must have the Storage Administrator (Provisioning) role to perform this task. To block volumes in a parity group: 1. Display the Parity Groups tab by choosing one of the following steps, depending on the location of the parity group: 2. 3. 4. • In the Storage Systems tree, select Parity Groups. • In the Storage Systems tree, select Parity Groups and then Internal or External. Confirm the current status of the volume by viewing the Status column of the table.
Example of shredding data on flash drives In this sample configuration, the flash drive capacity is 400 GB, the RAID configuration is 3D+1P, and the LDEV capacity is 440 GB. 1. Calculate the number of shredding operations. [(400 × 3) × 2] / 440 = 5.45 = six times Round up the value (5.45) to the nearest whole number. You need to overwrite the data six times. 2. Define the shredding settings.
2. Define the shredding settings. Refer to “Defining shredding conditions” (page 11), select the Data Pattern (User Setting) list and Random Data, then click Add eight times. 3. Erase the volume data. Refer to “Defining shredding conditions” (page 11) for procedures on erasing the volume data. 4. Repeat steps 2 and 3, three more times, clicking Add three times. Defining shredding conditions Configure data overwrite patterns and the number of overwrite passes in the Shredding Data Pattern window.
a hexadecimal number of up to four digits (0 to FFFF). The number is added in the Data Pattern (User Setting) table. If you make a mistake, click Clear and reenter the desired numbers. CAUTION: You should enter three or more numbers to use as dummy data. If you overwrite data with less than three numbers, some or all data might be recoverable. 7. Click OK to close the Edit Shredding Data Pattern window.
Shredding volumes in parity groups You must have the Storage Administrator (Provisioning) role to perform this task. To shred a volume: 1. To display the Parity Groups tab, choose one of the following steps, depending on the location of the parity group: 2. 3. 4. 5. • In the Storage Systems tree, select Parity Groups. • In the Storage Systems tree, select Parity Groups and then Internal or External. Confirm the current status of the parity group by viewing the LDEV Status column of the table.
Stopping a shredding operation You can stop the volume shredding process. CAUTION: If you stop the shredding process, you cannot restart the process. Data integrity of the volume is not guaranteed. You must have the Storage Administrator (Provisioning) role to perform this task. 1. Select Tasks from the Storage System tree. A table of tasks appears. 2. In the list, click the task you want to stop. The Task Properties dialog box opens. 3. 4. 5. Click Abort in the Shredding Data pattern field.
Status Description Shredding data verify error. An error was detected in the file containing the shredding results. No-data assigned. When you shred an unused Thin Provisioning virtual volume, no dummy data is written to the volume. In this case the status of the shredding operation in the shredding results file is No-data assigned.
3 Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
HP websites For additional information, see the following HP websites: • http://www.hp.com • http://www.hp.com/go/storage • http://www.hp.com/service_locator • http://www.hp.com/support/manuals • http://www.hp.com/support/downloads • http://www.hp.
Table 1 Document conventions (continued) Convention Element Monospace text • File and directory names • System output • Code • Commands, their arguments, and argument values Monospace, italic text • Code variables • Command variables Monospace, bold text WARNING! CAUTION: IMPORTANT: NOTE: TIP: 18 Emphasized monospace text Indicates that failure to follow directions could result in bodily harm or death. Indicates that failure to follow directions could result in damage to equipment or data.
A Volume Shredder GUI reference This section describes the Remote Web Console windows for Volume Shredder. Shred LDEVs wizard Shred LDEVs window Use the Shred LDEVs window to select the volumes (LDEVs) to be shredded, configure the shredding operations (number of overwrite passes, data patterns), and enable/disable the output of shredding results to files.
Selected LDEVs table in the Shred LDEVs window Item Description LDEV ID ID of the selected LDEV. The ID is a combination of the logical disk controller (LDKC) number, control unit (CU) number, and LDEV number. Free indicates free space. LDEV Name Name of the selected LDEV. Parity Group ID Parity group number (for example, 1-1) of the selected LDEV. • A parity group number starting with E (for example, E1-1) indicates that the parity group contains one or more external volumes.
Selected LDEVs table in the Confirm window Item Description LDEV ID ID of the LDEV to be shredded. The ID is a combination of the logical disk controller (LDKC) number, control unit (CU) number, and LDEV number. Free indicates free space. LDEV Name Name of the LDEV to be shredded. Parity Group ID Parity group number (for example, 1-1) of the LDEV to be shredded. • A parity group number starting with E (for example, E1-1) indicates that the parity group contains one or more external volumes.
Item Description Capacity Capacity of the LDEV to be shredded. To change the capacity unit, select Option > Capacity Unit. Provisioning Type Provisioning type of the LDEV to be shredded: • Basic: Internal volume • External: External volume • THP: Virtual volume of Thin Provisioning Attribute The following LDEV attributes are displayed: • Command device. • Volumes not having an LDEV attribute with a hyphen (-). Data Output YES: The results of the shredding operation will be saved in a file.
Item Description Data Pattern Type of data pattern: default data pattern or custom. • Default Pattern(00-FF-00): Three passes with the following dummy data patterns: “00” for the first pass, “FF” for the second pass, and “00” for the third pass. • Data Pattern(User Setting): Selected to define the number of passes and the data pattern for each pass. Random Data Volume Shredder selects a 4-digit hexadecimal number at random to be used as the dummy data pattern for the pass.
Data Pattern (User Setting) table in the Edit Shredding Data Pattern window Item Description Pass Number Order of the overwrite pass. Data Pattern Dummy data pattern for the overwrite pass. Clear Clears the values (other than 00) in the bottom row of the Data Pattern(User Setting) table.
Glossary allocation The ratio of allocated storage capacity versus total capacity as a percentage. Allocated storage refers to those logical devices (LDEVs) that have paths assigned to them. Allocated storage capacity is the sum of the storage of these LDEVs. Total capacity is the sum of the capacity of all LDEVs on the disk array. BC P9000 or XP Business Copy. An HP application that provides volume-level, point-in-time copies in the disk array.
to be associated with 1 to 36 LDEVs. Essentially, LUSE makes it possible for applications to access a single large pool of storage. M-VOL Main volume. MCU Main control unit. OPEN-x A general term describing any of the supported OPEN emulation modes (for example, OPEN-E). There are two types of OPEN-x devices: legacy OPEN-x devices with a fixed size (such as OPEN-3, OPEN-8, OPEN-9, and OPEN-E), and OPEN-V, which has a variable size and is a CVS-based volume.
Index B blocking volumes, 8 C contacting HP, 16 conventions document, 17 storage capacity values, 17 text symbols, 18 D document conventions, 17 related information, 16 documentation HP website, 16 providing feedback, 16 E editing shredding data patterns, 11 F flash drives calculating shredding passes, 9 flash module drives calculating shredding passes, 10 shredding restrictions journal volume, 4 pool volume, 4 storage capacity values conventions, 17 subscription service, HP, 16 symbols in text, 18 T
