I needed to quickly swot up on NetApp Volume
Encryption (NVE), hence I compiled a few links I found/thought useful. NVE has
been out since late 2016 now. It’s simple (after less than 2 hours swotting, I
felt I knew everything I needed to know.) Here are the links with a few notes.
Note: Some of these links require you to have
already logged into the relevant website.
(2016.09.26) Behind the Scenes: Episode 59 –
NetApp Volume Encryption
NVE is
available in ONTAP 9.1
Previously, to encrypt data at rest on ONTAP
systems (with NSE), it was an all or nothing deal.
ONTAP 9
introduced the ability to do an on-box key management (for NSE).
With NVE you can encrypt data at a per-volume
level.
NVE leverages the AES-NI capabilities on CPU, so
there are hardware restrictions.
Supported platforms include:
- FAS 6280 and 6290
- FAS 8xxx
- And all the newest released platforms (A series, FAS9xxx, etc)
ONTAP 9 Documentation Center
Configuring NetApp Volume Encryption
Enabling encryption on a new volume
Starting with ONTAP 9.2, you can enable
encryption on a SnapLock volume.
Enabling encryption on an existing volume with
the volume encryption conversion start command
Starting
with ONTAP 9.3, you can use the volume encryption conversion start command to enable encryption on an existing volume.
Enabling encryption on an existing volume with
the volume move start
command
(The only method in ONTAP 9.1 and ONTAP 9.2.)
(VIDEO) NetApp Volume Encryption (NVE)
Setting up the key manager. Encrypting an
existing volume and creating a new volume.
(2018.01.09) Worry Less in the New Year with
NetApp Volume Encryption
Article by Jeff Baxter (Chief Evangelist for
NetApp’s ONTAP Software & Systems Group.)
Docs & Knowledgebase > GPS > NetApp
Volume Encryption (NVE)
Useful links including:
Services Partners: What are the Licensing
details for NetApp Volume Encryption (NVE)?
(PDF Manual) NetApp Encryption Power Guide -
ONTAP 9
(PDF Datasheet) NetApp Volume Encryption
Hardware Universe
If you need to check if platform can do NVE.
Technical FAQ - NetApp Volume Encryption
Arguably the most useful document but it is
only available to NetApp Personnel and Partners. It answered a specific
question I was interested in:
Q: Can my source volume be encrypted and my
SnapMirror target be unencrypted, or conversely?
A: Yes. The source volume and destination
volume can have different encryption settings.
Note: The published NVE datasheet contains
many of details covered in this technical FAQ.
Comments
Post a Comment