Item | Requirements |
---|---|
Encryption hardware | Encryption controllers (ECTLs) The VSP One Block storage systems are shipped with ECTLs already installed and encryption enabled. |
Software license | Encryption License Key software license Note: If the license for Encryption License Key is deleted or expires, encryption keys cannot be created. |
User roles | The Security Administrator (View & Modify) role is required for setting up encryption, removing encryption, and backing up and restoring encryption keys. The Storage Administrator (Provisioning) role is required for creating DDP groups. The Support Personnel (Vendor Only) role is required to restore a non-up-to-date encryption key from a secondary backup. |
DNS server | If you want to connect to a KMS by specifying a host name instead of an IP address, set the DNS server in the network information of the management port of the storage system. |
User interface | REST API
VSP One Block Administrator displays the encryption environment settings and information about the encryption keys. |
Data volumes | Data can only be encrypted on internal volumes of the storage system. External volumes cannot be encrypted. |