Encrypting volumes with NetApp Volume Encryption Edit on GitHub Request doc changes

NetApp Volume Encryption (NVE) is a software-based technology for encrypting data at rest one volume at a time. Data, Snapshot copies, and metadata are encrypted. Access to the data is given by a unique XTS-AES-256 key, one per volume.

About this task

At this time, Cloud Volumes ONTAP supports NetApp Volume Encryption with an external key management server. An Onboard Key Manager is not supported.

You need to set up NetApp Volume Encryption from the CLI. You can then use either the CLI or System Manager to enable encryption on specific volumes. Cloud Manager does not support NetApp Volume Encryption.

Steps
  1. Review the list of supported key managers in the NetApp Interoperability Matrix Tool.

    Search for the Key Managers solution.
  2. Connect to the Cloud Volumes ONTAP CLI.

  3. Install a NetApp Volume Encryption license on the Cloud Volumes ONTAP system.

  4. Install SSL certificates and connect to the external key management servers.

  5. Create a new encrypted volume or convert an existing unencrypted volume using either the CLI or System Manager.