Lenovo ThinkServer RD240 MegaRAID SAS Software User Guide - Page 71
Workflow, 3.4.1 Enable Security
![]() |
View all Lenovo ThinkServer RD240 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 71 highlights
Option Description Security Key Un-Authenticated Mode A key based on a user-provided string. The controller uses the security key to lock and unlock access to the secure user data. This key is encrypted into the security key blob and stored on the controller. If the security key is unavailable, user data is irretrievably lost. You must take all precautions to never lose the security key. This mode allows controller to boot and unlock access to user configuration without user intervention. In this mode, the security key is encrypted into a security key blob, stored on the controller, but instead of a user passphrase, an internal key specific to the controller is used to create the security key blob. Volume Encryption Keys (VEK) The controller uses the Volume Encryption Keys to encrypt data when a controller-encrypted virtual disk is created. These keys are not available to the user. The firmware (FW) uses a unique 512-bit key for each virtual disk. The VEK for the VDs are stored on the physical disks in a VEK blob. 3.4 Workflow 3.4.1 Enable Security You can enable security on the controller. After you enable security, you have the option to create secure virtual drives using a security key. There are three procedures you can perform to create secure virtual drives using a security key: • Create the security key identifier • Create the security key • Create a pass phrase (optional) See Section 4.5, "Selecting Full Disk Encryption Security Options" for the procedures used to enable security in WebBIOS or Section 8.2, "Selecting Full Disk Encryption Security Options" fo r the procedures used to enable security in MegaRAID Storage Manage r. 3.4.1.1 Create the Security Key Identifier The security key identifier appears whenever you enter the security key. If you have multiple security keys, the identifier helps you determine which security key to enter. The controller provides a default identifier for you. You can use the default or enter your own identifier. Workflow 3-3
![](/manual_guide/products/lenovo-thinkserver-rd230-megaraid-sas-software-user-guide-7a323ec/71.png)