Manualshelf

Installation guide

ManualsBrandsYotta ManualsConsumer electronics3 SAS
61626364656667686970
Chapter 4. Web Browser-Based Configuration
59
4.6.1.9 Full Volume Encryption:
The RAID subsystem have featured with controller based hardware encryption
function. Controller based hardware encryption describes the encryption of data
occurring at the disk array controller before being sent to the disk drives. Since RAID
controller is a natural central point of all data therefore encryption at this level is
inherent and also reduces deployment complexity. RAID controller has dedicated
electronic circuitry for the cryptographic engine embedded in the ROC and operating
at full channel speeds. The hardware encryption does not impact the performance of
RAID controller and can implement on any kinds of HDD that is transparent to the
user, the OS, and applications.
Encrypting your volume can give your data an extra layer of protection beyond setting
up a controller password. Encryption will conceal your volume’s data and make
accessing the files almost impossible for anyone who does not you’re your encryption
key. Data saved in the volume will be hidden by Algorithm developed. With this
scramble process, no one can see and access into the hidden volume data without
access key. RAID controller support 128bit and 256bit encryption keys using AES (a
key size of 128, or 256 bits), or password (a variable key size). Each encryption key
size causes the algorithm to behave slightly differently, so the increasing key sizes
not only offer a larger number of bits with which you can scramble the data, but also
increase the complexity of the cipher algorithm. RAID controller provide five new key
options in the ‘Full Volume Encryption: ”Disable”, “256Bit key, Password”, 256Bit key,
AES”, “128Bit key, Password”, “128Bit key, AES”. You can generate the new key by
CLI utility or API code function.
This volume encryption function can only work with RAID controller with any kinds of
HDD. You can follow below steps to enable the function.
1. Create volume set with “Full Volume Encryption” capability in the web
management.
2. Use CLI “vsf genkey” command or API code to generate key file.
3. Use “Download Volume Key File” in the web management or use CLI vsf dlkey”
command to download volume key file into firmware and unlock the volume.
4. Follow step 3. to unlock volume if volume locked.
4.6.1.10 Tagged Command Queuing:
The “Enabled” option is useful for enhancing overall system performance under
multi-tasking operating systems. The Command Tag (Drive Channel) function
controls the SAS command tag queuing support for each drive channel. This function
should normally remain “Enabled”. “Disabled” this function only when using SAS
drives that do not support command tag queuing.