User's Manual

ManualsBrandsHP ManualsSoftwareSecure Encryption

Contents 3

Contents

Overview ..................................................................................................................................... 5

About HP Secure Encryption .......................................................................................................................... 5

Benefits ............................................................................................................................................. 6

Encryption features ............................................................................................................................. 6

HP ProLiant servers ............................................................................................................................. 9

Solution components ........................................................................................................................... 9

Planning .................................................................................................................................... 13

Encryption setup guidelines ......................................................................................................................... 13

Recommended security settings at remote sites .............................................................................................. 13

Encrypted backups ..................................................................................................................................... 13

Security domains ........................................................................................................................................ 14

Deployment scenarios ................................................................................................................................. 14

Remote and local key management requirements ................................................................................. 14

Configuration ............................................................................................................................. 15

Local key management mode ...................................................................................................................... 15

Configuring the controller (local mode) ............................................................................................... 15

Remote Key Management Mode .................................................................................................................. 17

Configuring Remote Key Management Mode ...................................................................................... 17

Configuring the controller (remote mode) ............................................................................................ 31

Operations................................................................................................................................. 33

Accessing Encryption Manager ................................................................................................................... 33

Opening Encryption Manager ........................................................................................................... 33

Logging into Encryption Manager ...................................................................................................... 33

Managing passwords ................................................................................................................................. 34

Set or change the Crypto Officer password ........................................................................................ 34

Set or change the password recovery question .................................................................................... 35

Set or change user account password ................................................................................................ 35

Set or change the controller password ................................................................................................ 36

Suspending the controller password ................................................................................................... 37

Resuming the controller password ...................................................................................................... 38

Working with keys ..................................................................................................................................... 39

Changing the Master Encryption Key ................................................................................................. 39

Rekeying the Drive Encryption Keys .................................................................................................... 39

Rescanning keys .............................................................................................................................. 40

Creating a plaintext volume......................................................................................................................... 40

Converting plaintext volumes into encrypted volumes ..................................................................................... 43

Changing key management modes .............................................................................................................. 44

Enabling/disabling plaintext volumes ........................................................................................................... 45

Enabling/disabling the firmware lock ........................................................................................................... 46

Enabling/disabling local key cache ............................................................................................................. 47

Importing drive sets in Local Key Management Mode..................................................................................... 48

Importing drives with different Master Keys ......................................................................................... 48

Maintenance .............................................................................................................................. 50

Controllers ................................................................................................................................................. 50