vietdh
1 Copper

how to implementation with XtremIO encryption

     Hi

I Have a new xtremIO with encryption feature, I have 2 question, kindly help me:

1. when I assign 1 LUN (A) for 1 server. All data in this LUN is encryption. What happen when my server is down, I changed new server. and assign this LUN (A) again? How to configuration for new server can read old data in LUN (A)?

2. How to manager key for encryption in XtremIO ?

Tags (2)
4 Replies
huj1
1 Copper

Re: how to implementation with XtremIO encryption

1. XtremIO encryption is on SSD level, this is used to protected customer's data if the SSD was moved from XtremIO to other places.So if your server is down, once you mapped the LUN to new server, the new server could access the data directly.

2. The encryption key is built in XtremIO and no need to manage it.

vietdh
1 Copper

Re: how to implementation with XtremIO encryption

Thanks for your support

0 Kudos
Highlighted
mdeitrick
1 Copper

Re: how to implementation with XtremIO encryption

Expounding on this a little further, the SSDs in the DAE are Self-Encrypting (SEDs), meaning that all data stored on the XtremIO array is automatically encrypted using hardware-based encryption whether encryption is enabled or not. The primary difference between enabling/disabling encryption on the array is where the key is stored. When encryption is enabled a new key is generated for all XtremIO Data Protection Groups and stored on the array Storage Controllers(SC) separate from the DPGs/DAEs. Without encryption enabled, the SSDs store the encryption keys locally, which is much less secure. It's important to note that this solution does not eliminate the need for host-level encryption in highly secure environments, as this level of encryption is not LUN/Volume based, and does not meet certain regulatory requirements.

vietdh
1 Copper

Re: how to implementation with XtremIO encryption

Thanks for your answer

0 Kudos