Encryption keys are commonly created in the storage system. However, when the key management server is in use, and
Generate Encryption Keys on
Key Management Server is checked in the
Edit Encryption Environmental Settings window, encryption keys will be created on the key management server, and used in the storage system. This topic describes the instructions for creating and backing up the data encryption keys.
a performance-friendly AES-256-XTS encryption capability on the back-end I/O director. This capability protects data at rest on internal storage media (including disk drives and flash drives) attached to those directors. While many levels of encryption are available to the enterprise, protecting data at rest by using the array-level encryption of the storage system provides the following advantages: causes minimal to no performance impact within your operations, remains transparent to existing host servers and switches, shreds storage media by deleting the encryption key, simplifies key management to reduce the risk of the loss of encryption keys and data, and supports logging of encryption and key management events. In addition, many regulations encourage or require encryption of personally identifiable information (PII) and other sensitive data. Array-level encryption handles this type of data as well.
