Encrypt stored data using self-encrypting drives
Suggest changes
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- SAN storage management
- Security and data encryption
-
Data protection and disaster recovery
- Data protection with the CLI
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
Use disk encryption to ensure that all data in a local tier cannot be read if the underlying device is repurposed, returned, misplaced, or stolen. Disk encryption requires special self-encrypting HDDs or SSDs.
Disk encryption requires a key manager. You can configure the onboard key manager using System Manager. You can also use an external key manager, but you need to first set it up using the ONTAP CLI.
If ONTAP detects self-encrypting disks, it prompts you to configure the onboard key manager when you create the local tier.
Steps
-
Under Encryption, click to configure the onboard key manager.
-
If you see a message that disks need to be rekeyed, click , and then click Rekey Disks.