Seagate ST9750420AS Momentus 7200 FDE.1 SATA Product Manual - Page 8
About Momentus 7200 FDE.1 SATA disc drives
View all Seagate ST9750420AS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 8 highlights
1.2 About Momentus 7200 FDE.1 SATA disc drives Momentus® 7200 FDE.1 SATA drives contain DriveTrust technology providing Full Disc Encryption (FDE) using proven Advanced Encryption Standard (AES) data encryption and decryption. You can elect to use Momentus 7200 FDE.1 SATA drives in one of two different security modes: 1. The ATA Security mode To operate in ATA Security mode, you only need a host system and operating system that supports the existing ATA Security Command Set. The drive is shipped to operating in this mode, ready to use. 2. The DriveTrust Security mode To enable a robust enterprise-level security and management policy, you may elect to operate in DriveTrust Security mode. To do so, you will need to use a third-party security application to manage the DriveTrust features. Please contact your system or software provider for more details. Refer to the table below to determine which mode is best for your particular solution. Table 1: Security feature matrix Feature Password required to unlock Full Disk Encryption At speed encryption Passwords stored securely Quick erase Preboot authentication Master/User passwords Non-FDE drive without ATA Security enabled No No No No No No No ATA Security mode Non-FDE drive with ATA Security enabled Yes No No Yes No No No FDE drive with ATA Security enabled Yes Yes Yes Yes Yes No No DriveTrust mode FDE drive operating in DriveTrust mode via third-party software Yes Yes Yes Yes Yes Yes Yes FDE drive feature list • Automatically encrypts (and decrypts) all data on the drive • Operations are performed with no measurable performance loss • All user data is encrypted on write operations and decrypted on read operations FDE benefits • Drive-level protection of data • Drives that are stolen, taken out of service, or re-purposed remain fully protected • Near instantaneous disposal and re-purposing of the drive (ensures that data from previous user is not accessible by the new drive owner) • Able to be deployed within a trusted computing environment The drive encrypts every write operation and decrypts every read operation without user intervention. The encryption and decryption is done on the drive itself, so there is a near-zero performance impact when the drive writes and reads data. The performance-optimized encryption and decryption engine performs at the SATA interface speed. The purpose of full disc encryption on the drive is to protect the data stored on the drive in the event that the host system is lost or stolen. This data at rest protection assures the system owner that if their system is lost or stolen, their data will not be accessible without the correct credentials. Note. The system reauthenticates the user on powerup and when awakening from sleep mode. It is not necessary to power down to ensure that the system reauthenticates the user. 2 Momentus 7200 FDE.1 SATA Product Manual, Rev. B