6Security Key And RAID ManagementSecurity Key ImplementationThe Dell PowerEdge RAID Controller (PERC) H730P card supports Self-Encrypting Disks (SED) forprotection of data against loss or theft of SEDs. Protection is achieved by the use of encryptiontechnology on the drives. There is one security key per controller. You can manage the security keyunder Local Key Management (LKM). The key can be escrowed in to a file using Dell OpenManagestorage management application. The security key is used by the controller to lock and unlock access toencryption-capable physical disks. In order to take advantage of this feature, you must:1. Have SEDs in your system.2. Create a security key.Security Key Management In The BIOS ConfigurationUtilityThe Dell OpenManage storage management application and the BIOS Configuration Utility ( )of the controller allow security keys to be created and managed as well as create secured virtual disks.The following section describes the menu options specific to security key management and providedetailed instructions to perform the configuration tasks. The contents in the following section apply tothe BIOS Configuration Utility ( ). For more information on the management applications, seeManagement Application For PERC Cards.• The Virtual Disk Management screen, VD Mgmt, is the first screen that is displayed when you access aRAID controller from the main menu screen on the BIOS Configuration Utility ( ). Thefollowing are security-related actions you can perform through the virtual disk management menu:– Security Key Management—Creates, changes, or deletes the security settings on a controller.– Secure Disk Group—Secures all virtual disks in disk group.• The Physical Disk Management screen, PD Mgmt, displays physical disk information and actionmenus. The following are security-related actions you can perform through the physical diskmanagement menu:– Instant Secure Erase—Permanently erases all data on an encryption-capable physical disk andresets the security attributes.For more information on the Physical Disk Management screen and Virtual Disk Management screen, seePhysical Disk Management (PD Mgmt) and Virtual Disk Management respectively.Local Key Management (LKM)You can use LKM to generate the key ID and the passphrase required to secure the virtual disk. You cansecure virtual disks, change security keys, and manage secured foreign configurations using this securitymode.65