Encrypt stored data using software-based encryption
Suggest changes
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- Security and data encryption
- Data protection and disaster recovery
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
Use volume encryption to ensure that volume data cannot be read if the underlying device is repurposed, returned, misplaced, or stolen. Volume encryption does not require special disks; it works with all HDDs and SSDs.
Volume encryption requires a key manager. You can configure the Onboard Key Manager using System Manager. You can also use an external key manager, but you need to first set it up using the ONTAP CLI.
After the key manager is configured, new volumes are encrypted by default.
Steps
-
Click Cluster > Settings.
-
Under Encryption, click to configure the Onboard Key Manager for the first time.
-
To encrypt existing volumes, click Storage > Volumes.
-
On the desired volume, click and then click Edit.
-
Select Enable encryption.