Storage system requirements

Encryption License Key User Guide for VSP One Block

Version
10.2.x
Audience
anonymous
Part Number
MK-23VSP1B010-00
Item Requirements
Encryption hardware Encryption controllers (ECTLs)

The VSP One Block storage systems are shipped with ECTLs already installed and encryption enabled.

Software license Encryption License Key software license

Note: If the license for Encryption License Key is deleted or expires, encryption keys cannot be created.

User roles The Security Administrator (View & Modify) role is required for setting up encryption, removing encryption, and backing up and restoring encryption keys.

The Storage Administrator (Provisioning) role is required for creating DDP groups.

The Support Personnel (Vendor Only) role is required to restore a non-up-to-date encryption key from a secondary backup.

DNS server If you want to connect to a KMS by specifying a host name instead of an IP address, set the DNS server in the network information of the management port of the storage system.
User interface REST API
  • The REST API client must be installed and configured.
  • The Security Administrator (View & Modify) role is required to perform encryption operations (for example, enabling and disabling encryption on DDP groups, backing up and restoring keys).
  • The Security Administrator (View & Modify) and Support Personnel (View & Modify) roles are required to restore an encryption key that is not the latest key from a secondary backup copy.

VSP One Block Administrator displays the encryption environment settings and information about the encryption keys.

Data volumes Data can only be encrypted on internal volumes of the storage system. External volumes cannot be encrypted.