... or, what the heck do we do with these FIPS disks? 😉
I recently installed some StorageGRID SG6060 storage nodes, where the E2860 chassis came with FIPS disks (specifically SG6060,4U,2x1.6TB SSD,58x10TB FIPS). And it took me a while to work out how to utilize the FIPS disks. The answer is below.
Official NetApp documentation is here and covers extra options that are not listed below: Review StorageGRID encryption methods (netapp.com)
Option 1) Node Encryption in the StorageGRID Appliance Installer
This needs to be selected before install but has nothing to do with hardware encryption (disks.)
Would need to be managed for each E-Series array but could be enabled post StorageGRID Appliance installation.
Option 4) Storage Object Encryption in Grid Manager
This can be enabled/disabled at any time (but previously unencrypted objects will not be encrypted, encryption will only apply to new objects.)
And then, there is also object storage-side encryption, and storage-side encryption with client-specified keys (SSE and SSE-C). See this page for a start of all options: https://docs.netapp.com/us-en/storagegrid-118/admin/reviewing-storagegrid-encryption-methods.html
ReplyDeleteAnd then there is also object storage-side encryption and storage-side encryption with customer-provided keys (SSE and SSE-C). See this page for more info: https://docs.netapp.com/us-en/storagegrid-118/admin/reviewing-storagegrid-encryption-methods.html
ReplyDelete