Encrypt stored data using self-encrypting drives
Contributors Download PDF of this topic
Use disk encryption to ensure that all data in a local tier cannot be read if the underlying device is repurposed, returned, misplaced, or stolen. Disk encryption requires special self-encrypting HDDs or SSDs.
Disk encryption requires a key manager. You can configure the onboard key manager using ONTAP System Manager. You can also use an external key manager, but you need to first set it up using the ONTAP CLI.
If ONTAP detects self-encrypting disks, it prompts you to configure the onboard key manager when you create the local tier.
Under Encryption, click to configure the onboard key manager.
If you see a message that disks need to be rekeyed, click , and then click Rekey Disks.