Note: A new draft version of this publication is now available
IBM® experts recognize the requirement for data protection, both from hardware or software failures, and also from physical relocation of hardware, theft, and retasking of existing hardware.
The IBM DS8870 disk storage system offers encrypted Fibre Channel and flash drives. These Full Disk Encryption drive sets are used with key management services provided by IBM Security Key Lifecycle Manager software to allow encryption for data at rest on a DS8870 system. Use of encryption technology involves several considerations that are critical for you to understand to maintain the security and accessibility of encrypted data.
This IBM Redpaper™ publication contains information that can help Storage Administrators plan for disk encryption. It also explains how to install and manage the encrypted storage and how to comply with IBM requirements for using the IBM DS8870 encrypted storage.
This edition includes updated information for Version 2.5 of the IBM Security Key Lifecycle Manager, and updates for the DS8870 R7.5 GUI support for encryption functions.
Table of contents
Chapter 1. Encryption overview
Chapter 2. DS8000 encryption mechanism
Chapter 3. Planning and guidelines for DS8000 encryption
Chapter 4. DS8000 encryption implementation
Chapter 5. Maintaining the DS8000 encryption environment