RSA Series 6E Core and Hybrid hosts have Self-Encrypting Drives (SED). The encryptSedVd.py script:
- Validates that the Series 6E host has the correct setup for encryption.
- Encrypts unencrypted drives.
Note: For external storage devices such as PowerVault, refer to "Configure Storage Using the REST API" under "Using the REST API to Configure Storage" for instructions on how to encrypt their SED drives.
The following scenarios are examples of why you would use the encryptSedVd.py script.
- You want to know if a physical host has encryption. In this case, if the script determines that the device does not have encryption, it gives you the opportunity to encrypt it.
- You set up a device without encryption and you want to encrypt it.
You will find this script in the rsa-sa-tools directory for releases 11.4.0.0 and later. The following directory is for 11.4.0.0.
rsa-sa-tools-11.4.0.0-<needBuildNumberFromMark>.noarch.rpm
The following procedure illustrates how to use the script.
- Log in as root.
- Change the directory to the rsa-sa-tools RPM base directory:
cd /opt/rsa/saTools/supportScript/
- Execute the following command:
OWB_ALLOW_NON_FIPS=1 ./encryptSedVd.py
The script tells you if the disks are encrypted or not encrypted. - If the drives are not encrypted and you want to encrypt them:
- Select the drives you want to encrypt with the space bar and press Enter.
The following prompt is displayed.
- In the Enter Passphrase text box, type the <passphrase>, for example nFreDaW$792, and press Tab.
- In the Verify Passphrase text box, re-enter passphrase again for validation.
- In the Key ID (optional) text box, enter an optional ID string for the security key less than 256 characters or press Enter for none.
The following prompt is displayed.
- Select <Y> and press Enter to confirm that you added the Passphrase.
- Submit the following command string to verify that the SED drives are encrypted.
/opt/MegaRAID/perccli/perccli64 /c0 show more
The following information is displayed. You can see that all four SED drives are encrypted (that is, Y is displayed for each drive in the SED column).
You will find detailed information on perccli commands in the Dell PowerEdge RAID Controller CLI Reference Guide (http://l4u-00.jinr.ru/pub/misc/h-w/LSI/dell-sas-hba-12gbps_reference-guide_en-us.pdf).
- Select the drives you want to encrypt with the space bar and press Enter.
Previous Topic:Appendix A. How NetWitness Platform Hosts Store Data
Next Topic:Appendix C. Troubleshooting
You are here
Table of Contents > Appendix B. Encrypt a Series 6E Core or Hybrid Host (encryptSedVd.py)