Creating data encryption keys

If you need to change a data encryption key, create a new data encryption key. 4,048 Free keys or DEK keys are created when you configure encryption environmental settings on the Edit Encryption Environmental Settings window for the first time (this depends on the number of EBEDs and drives setup in the configuration. 4,048 keys are created if maximum EBEDs are installed). After that, you can create 4,096 Free keys or DEK keys. You can create a maximum of 4,096 encryption keys per system.

For VSP G200, when you configure encryption environmental settings on the Edit Encryption Environmental Settings window for the first time, 506 free keys or DEK keys are created. (This differs from the configuration. 506 keys are created if maximum EBEDs are installed). After that, you can create 512 free keys or DEK keys.

For VSP G400, G600 and VSP F400, F600, when you configure encryption environmental settings on the Edit Encryption Environmental Settings window for the first time, 1,018 Free keys or DEK keys are created. (This differs from the configuration. 1,018 keys are created if maximum EBEDs are installed). After that, you can create 1,024 Free keys or DEK keys. You can create up to 1,024 encryption keys per storage system.

For VSP G800 and VSP F800, when you configure encryption environmental settings on the Edit Encryption Environmental Settings window for the first time, 2,024 Free keys or DEK keys are created. (This differs from the configuration. 2,024 keys are created if maximum EBEDs are installed). After that, you can create 2,048 free keys or DEK keys.

After creating data encryption keys, it is strongly recommended that you back up all keys.

Before you begin

  • You must have the Security Administrator (View & Modify) role.

Procedure

  1. Display the Device Manager - Storage Navigator main window.

  2. Select Administration in Explorer, and select Encryption Keys.

    The Encryption Keys window is opened.

  3. Select the Encryption Keys tab.

  4. Click Create Keys.

  5. In the Create Keys window, specify the number of encryption keys you want to create. The encryption keys with the attribute of Free will be set. The key IDs will be automatically assigned.

  6. To backup data encryption keys to the key management server, click Next. Otherwise, click Finish.

  7. In the Confirm window, confirm the settings, and enter your task name in Task Name.

    If you want the Task window to open after you click Apply, select Go to tasks window for status.

    Click Apply.

    The new data encryption key is created.

Parent Topic