EasyManua.ls Logo

Fujitsu ETERNUS DX100 S3 - Data Encryption

Fujitsu ETERNUS DX100 S3
207 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Data Encryption
Encrypting data as it is being written to the drive prevents information leakage caused by fraudu-
lent decoding. Even if a drive is removed and stolen by malicious third parties, data cannot be de-
coded.
This function only encrypts the data stored on the drives, so server access results in the transmis-
sion of plain text. Therefore, this function does not prevent data leakage from server access. It only
prevents data leakage from drives that are physically removed.
The following two types of data encryption are supported:
Self Encrypting Drive (SED)
This drive type has an encryption function. Data is encrypted when it is written. Encryption using
SEDs is recommended because SEDs do not affect system performance.
SEDs are locked the instant that they are removed from the storage system, which ensures no
data is read or written with these drives. This encryption prevents information leakage from
drives that are stolen or replaced for maintenance. This function also reduces discarding costs
because SEDs do not need to be physically destroyed.
Firmware Data Encryption
Data is encrypted on a volume basis by the controllers (CMs) of the
ETERNUS DX. Data is encryp-
ted and unencrypted in the cache memory when data is written or read.
AES (*1) or Fujitsu Original Encryption can be selected as the encryption method. The Fujitsu
Original Encryption method uses a Fujitsu original algorithm that has been specifically created for
ETERNUS DX storage systems.
*1: Advanced Encryption Standard (AES)
Standard encryption method selected by The National Institute of Standards and Technology
(NIST). The key length of AES is 128 bits, 192 bits, or 256 bits. The encryption strength be-
comes higher with a longer key length.
The following table shows the functional comparison of SED and firmware data encryption.
Function specification Self Encrypting Drive (SED) Firmware data encryption
Type of key Authentication key Encryption key
Encryption unit Drive Volume, Pool
Encryption method AES-256 Fujitsu Original Encryption/AES-128/
AES-256
Influence on performance None (equivalent to unencrypted
drives)
Yes
Key management server linkage Yes No
2. Basic Functions
Data Encryption
64
Fujitsu Storage ETERNUS DX100 S4/DX200 S4, ETERNUS DX100 S3/DX200 S3 Hybrid Storage Systems
Design Guide (Basic)
Copyright 2023 Fujitsu Limited
P3AM-7642-32ENZ0

Table of Contents

Other manuals for Fujitsu ETERNUS DX100 S3

Preview: User Guide
User Guide1082 pages
Preview: Basic Operation Guide
Basic Operation Guide122 pages
Preview: Setup Guide
Setup Guide129 pages
Preview: Operation Guide
Operation Guide119 pages
Preview: Configuration Guide
Configuration Guide188 pages
Preview: Site Planning Guide
Site Planning Guide57 pages
Preview: Configuration Guide Server Connection
Configuration Guide Server Connection12 pages
Preview: Safety Precautions
Safety Precautions12 pages

Related product manuals