System requirements

The following table lists the system requirements for the Encryption License Key feature.

Item	Requirements
Storage system	VSP G200: Firmware 83-03-0x or later VSP G400, G600, G800; VSP F400, F600, F800: Firmware 83-01-0x or later Encryption License Key software license Encrypting back-end directors (EBEDs) For both EBEDs and standard BEDs, spare disks must be installed. The spare disk of an EBED cannot be used as a spare disk of a standard BED, and the spare disk of a standard BED cannot be used as a spare of an EBED.
Device Manager - Storage Navigator	The Security Administrator (View & Modify) role is required to perform encryption operations (for example, enabling and disabling encryption on parity groups, backing up and restoring keys). If you need to restore an encryption key that is not the latest key from a secondary backup copy, you must have the Security Administrator (View & Modify) and Support Personnel (View & Modify) roles. If you plan to enable regular encryption key backups on the key management server, you must designate a specific user as the regular backup user. The regular backup user must have the Security Administrator (View & Modify) role. If you are not logged in as the designated regular backup user, the System Administrator (System Resource Management) role is required to view details about a regular backup task.
Data volumes	Type: Internal. External volumes are not supported.
SVP (Web server)	If you want to protect key encryption keys (KEKs) on the key management server, the SVP must always be up and running. If you want to connect to the key management server by specifying a host name instead of an IP address, you must set up a DNS server on the key management server and then provide the IP address of the DNS server to your service representative.
Key management server (optional)	Protocol: Key Management Interoperability Protocol 1.0 (KMIP 1.0) Software: For the latest information about key management server support, see the Encryption Key Management Server Support Matrix on the Hitachi interoperability site: https://support.hitachivantara.com/en_us/interoperability.html Certificates: The root certificate must be in X.509 format and must be placed on the key management server. For details, see the documentation for the server. The client certificate must be current, not expired, and in PKCS#12 format.