Encryption License Key benefits
The VSP G series and VSP F series storage systems include a data at-rest encryption feature that can be used to provide protections against data breaches associated with storage media (for example, loss or theft). This feature, known as the Encryption License Key feature, includes a controller-based encryption implementation as well as integrated key management functionality that can also leverage third-party key management solutions via the OASIS Key Management Interoperability Protocol (KMIP).
The Encryption License Key feature provides the following benefits:
- Hardware-based Advanced Encryption Standard (AES) encryption, using 256-bit keys in the XTS mode of operation, is provided for open and mainframe systems.
- Encryption can be applied to some or all supported internal drives (HDD, SSD, FMD).
- Each encrypted internal drive is protected with a unique data encryption key.
- Encryption has negligible effects on I/O throughput or latency.
- Encryption requires little to no disruption of existing applications and infrastructure.
- Cryptographic erasure (media sanitization) of data is performed when an internal encrypted drive is removed from the storage system.