Skip to main content

Encrypt stored data using self-encrypting drives

Contributors netapp-aherbin netapp-thomi netapp-ahibbard netapp-gregb

Use disk encryption to ensure that all data in a local tier cannot be read if the underlying device is repurposed, returned, misplaced, or stolen. Disk encryption requires special self-encrypting HDDs or SSDs.

Disk encryption requires a key manager. You can configure the onboard key manager using System Manager. You can also use an external key manager, but you need to first set it up using the ONTAP CLI.

If ONTAP detects self-encrypting disks, it prompts you to configure the onboard key manager when you create the local tier.

Steps
  1. Under Encryption, click Gear icon to configure the onboard key manager.

  2. If you see a message that disks need to be rekeyed, click Menu icon, and then click Rekey Disks.