Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

Raj_la

115 Posts

4365

August 22nd, 2016 12:00

proof of DARE ( data at rest encyption )

hello,

isilon has this data at rest encryption feature but is there any command or within UI where i can see it. we have to show this to auditors as a proof

dynamox

1 Rookie

 • 

20.4K Posts

August 22nd, 2016 13:00

if you run isi devices it will show you that you have nodes with self encrypted drives.

isilon2-1# isi devices 


Node 1, [ OK ], [SED Node]


  Bay 1        Lnum 35      [HEALTHY]      SN:Z298K59Q0000C401AQK1  /dev/da1   


  Bay 2        Lnum 34      [HEALTHY]      SN:Z298K9ZC00009209QFA3  /dev/da2   


  Bay 3        Lnum 17      [HEALTHY]      SN:Z298K64P0000C35093XR  /dev/da19  


  Bay 4        Lnum 16      [HEALTHY]      SN:Z298K4TJ0000942517S3  /dev/da20

Raj_la

115 Posts

August 22nd, 2016 14:00

these are 2 different things right - Self encryption drives  vs isilon data at rest

i have one cluster has segate disks which are SED so nodes obviously stating SED Node but other cluder doesn't have this

column which means DARE not in place for this ??

Raj_la

115 Posts

August 22nd, 2016 15:00

NM - i got it now. i am under a impression that isilon  has inbuilt data at rest encryption by design but its not  it get it by by drives ( SED ).

shj9

1 Message

November 15th, 2019 12:00

I have an array that's on OneFS 8.1.0.4.  When this command is run against the array, i get the following output:

isl01-1# isi devices
Description:
Manage drives and nodes.

Required Privileges:
ISI_PRIV_DEVICES

Usage:
isi devices
[--timeout ]
[{--help | -h}]

Subcommands:
drive View and manage drives in the cluster's nodes.*
node Initiate node-level actions.

Options:

Display Options:
--timeout
Number of seconds for a command timeout (specified as 'isi --timeout NNN
').
--help | -h
Display help for this command.

See 'isi devices --help' for more information on a specific
subcommand.
* Actions under this collection can be specified as subcommands directly under
'isi devices' e.g. 'isi devices view'

Does this mean SED is not available on this array? 

Thank you.

tenortim

36 Posts

November 15th, 2019 15:00

On more modern releases of OneFS, the command is using the API, and the correct syntax is
# isi devices list e.g.

CSE-X200-1-1# isi devices list
Lnn Location Device Lnum State Serial
-----------------------------------------------------
1 Bay 1 /dev/da1 11 HEALTHY JPW9K0N02VU58L
1 Bay 2 /dev/da2 13 HEALTHY JPW9K0N132GH3L
1 Bay 3 /dev/da3 9 HEALTHY JPW9K0N02V69SL
1 Bay 4 /dev/da4 8 HEALTHY JPW9K0N02V636L
1 Bay 5 /dev/da5 7 HEALTHY JPW9J0N02VBSYV
1 Bay 6 /dev/da6 6 HEALTHY JPW9K0N02VU55L
1 Bay 7 /dev/da7 5 HEALTHY JPW9K0N02VU53L
1 Bay 8 /dev/da8 4 HEALTHY JPW9K0N02V6DHL
1 Bay 9 /dev/da9 3 HEALTHY JPW9K0N02VULSL
1 Bay 10 /dev/da10 2 HEALTHY JPW9K0N02VLM3L
1 Bay 11 /dev/da11 12 HEALTHY JPW9K0J80G26JL
1 Bay 12 /dev/da12 0 HEALTHY JPW9K0N02VV5TL
-----------------------------------------------------
Total: 12

jessieobioma

49 Posts

June 29th, 2021 00:00

Hello isi_tim,

In OneFS version 7, its is easy to tell that a node is an SED node after running the ''isi devices" command.

I can not tell just by looking at the "isi devices drive list" command.

Is there a command to very that in recent versions?

Thank you.

Phil.Lam

1 Rookie

 • 

573 Posts

July 6th, 2021 11:00

@jessieobioma,

try isi_classic devices

View More

View All

No Events found!

Top