跳转到主内容

NSE :如何在更换 NSE 备用驱动器时启用驱动器身份验证

Views:
29
Visibility:
Public
Votes:
0
Category:
data-ontap-8
Specialty:
core
Last Updated:

执行

执行

适用场景

  • 自加密驱动器(SED)
  • NetApp存储加密(NSE)驱动器
  • FIPS认证驱动器
  • ONTAP

问题描述

本文介绍操作步骤如何为替代自加密驱动器(SED)分配驱动器所有权以及重新设置替代驱动器的密钥。

  • 无论使用的密钥ID如何、NetApp存储加密(NSE)和SED驱动器始终处于加密状态。
  • 更换NSE存储系统上的驱动器后、 存储管理员 必须使用有效的密钥ID和身份验证密码短语手动重新设置新备用驱动器的密钥、以保护驱动器上的数据。
  • 默认情况下、替代SED设置为MSID (Mfg安全ID) 0x0、并且驱动器未受到安全保护或锁定。
  • 未锁定的驱动器或身份验证密钥ID为0x0的驱动器不需要密钥ID或密码短语身份验证即可进行数据访问。
  • 在生产环境中使用备用驱动器之前、请务必使用当前密钥ID重新设置该驱动器的密钥并锁定该驱动器(ONTAP 8.3及更低版本)以保护数据。

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.