Chapter 13. Encryption 749
13.2.3 Encryption licenses
Encryption is a licensed feature that uses key-based licensing.
No trial licenses for encryption exist on the basis that when the trial runs out, the access to
the data would be lost. Therefore, you must purchase an encryption license before you
activate encryption. Licenses are generated by IBM Data storage feature activation (DSFA)
based on the serial number (S/N) and the machine type and model number (MTM) of the
nodes.
You can activate an encryption license during the initial system setup (on the Encryption
screen of the initial setup wizard) or later on, in the running environment.
Contact your IBM marketing representative or IBM Business Partner to purchase an
encryption license.
13.3 Activating encryption
The first step to use encryption is to activate your encryption license.
Activation of the license can be performed in one of two ways: Automatically or manually. Both
methods are available during the initial system setup and on the running system.
13.3.1 Obtaining an encryption license
You must purchase an encryption license before you activate encryption. If you did not
purchase a license, contact an IBM marketing representative or IBM Business Partner to
purchase an encryption license.
When you purchase a license, you should receive a function authorization document with an
authorization code printed on it. This code allows you to proceed using the automatic
activation process.
If the automatic activation process fails or if you prefer using the manual activation process,
use this page to retrieve your license keys:
https://www.ibm.com/storage/dsfa/storwize/selectMachine.wss
Ensure that you have the following information:
Machine type (MT)
Serial number (S/N)
Machine signature
Authorization code
See 13.3.5, “Activate the license manually” on page 757 for instructions about how to retrieve
the machine signature of a node.
Important: If all master access key copies are lost and the system must cold reboot, all
encrypted data is gone. No method exists, even for IBM, to decrypt the data without the
keys. If encryption is enabled and the system cannot access the master access key, all
SAS hardware is offline, including unencrypted arrays.
To Next Page
Loading...
Need help?
General