Manualshelf

User Manual

ManualsBrandsSeagate Technology ManualsSeagate Technology Hard Drives & Storage2TB ENT CAP 2.5 HDD SATA 7200 RPM 128MB 2.5IN
21222324252627282930
Enterprise Self-Encrypting Drive User’s Guide, Rev. B 23
4.1 Data band rules and guidelines
At the time of shipment from Seagate:
1. The global band (band 0) occupies all of the storage space on the media, LBA (0) through LBA (max). All other
data bands have their range parameter set to zero. In other words, the bands exist but they are not allocated
storage space
2. All data bands have their own credential identified as BandMasterX where X is the band number. All creden-
tials are set to the value of MSID
3. All data bands have their own unique encryption key which is assigned during the manufacturing process
4. All BandMaster Authorities, except the ones managing the Global Band and Band1 are disabled.
The global band cannot be manipulated by the host—it is adjusted automatically by the drive when additional
data bands are allocated.
A new data band is allocated by assigning a start address and an LBA range. The real estate for the new band is
taken from band 0.
The Start LBA of a data band must be exactly divisible by 8—this preserves 4K sector alignment.
If a data band is de-allocated by having its range parameter set to zero, its storage space is returned to band 0.
Data bands may end and begin on consecutive LBAs but they cannot overlap. Band 0 is the only band which can be
discontinuous.
There is no limit to the size of a data band except that:
1. It must be contained within the global band.
2. It must not overlap any previously allocated band.
Since each band has its own encryption key, it may be independently cryptographically erased.
Changing the password on a band has no affect on the band’s encryption key.
Using EraseMaster to change the encryption key on a band has the following effects:
1. The band is crypto erased
2. The band is unlocked for reading and writing
3. The band’s password (BandmasterX) reverts to the value of MSID
When a band is allocated, the storage space surrendered by the global band is effectively crypto erased. This is
because the allocated band has its own pre-defined encryption key. If this new band is de-allocated prior to being
written, the encryption key will revert to that used by the global band and, provided there has been no interim
change to the global band’s encryption key, the original data can be recovered.
Under normal circumstances, Read and write operations are not allowed to cross band boundaries since doing so
would involve an encryption key change and may involve an attempt to read data from a locked band. Of necessity,
some initializing commands (e.g. a Media Format) are allowed to cross bands provided all bands are unlocked prior
to the command being issued.
If an owner decides against using any or all of the additional data bands, it is good practice to take ownership of the
unused bands by personalizing their BandMaster passwords. Failure to do so could result in a Denial of Service
attack.