Note: A new draft version of this publication is now available
IBM® recognizes the requirement for data protection, both from hardware or software failures, and also from physical relocation of hardware, theft, and retasking of existing hardware.
The IBM DS8000® Series offers encrypted Fibre Channel drives. These Full Disk Encryption drive sets are used with key management services provided by IBM Tivoli® Key Lifecycle Manager software to allow encryption for data at rest on a DS8000 Storage System. Use of encryption technology has a number of considerations that are critical for you to understand to maintain the security and accessibility of encrypted data.
This IBM Redpaper™ publication contains information that can help customers and storage administrators plan for disk encryption.
This paper also explains how to install and manage the encrypted storage, and how to comply with IBM requirements for using the IBM DS8000 encrypted storage.
This edition includes updated information for version 2.0.1 of the IBM Tivoli Key Lifecycle Manager and support for IBM System Key Lifecycle Manager for z/OS® environments.
Table of contents
Chapter 1. Encryption overview
Chapter 2. DS8000 encryption mechanism
Chapter 3. Planning and guidelines for DS8000 encryption
Chapter 4. DS8000 encryption implementation
Chapter 5. Maintaining the DS8000 encryption environment
Chapter 6. Integrating encryption devices