Subscribe

ONTAP Recipes: Secure data at rest using software encryption and the onboard key manager

Did you know you can...

 

Secure data at rest using software encryption and the onboard key manager?

 

If you have existing infrastructure and want to encrypt your data for compliance or standard security best practices, use the NVE software-based data-at-rest encryption feature for any SSD or disk type:

 

1. Install the NetApp volume encryption (NVE) license for each node.

 

  system license add -license-code license_key

 

2. Start the key manager setup wizard.

 

  security key-manager setup

 

3. Create a new volume and enable encryption on the volume.

 

   volume create -vserver SVM_name -volume volume_name 
  -aggregate 
aggregate_name -encrypt true

 

Example: cluster1::> volume create -vserver vs1 -volume vol1 -aggregate aggr1 -encrypt true

 

4. Verify that the volume is enabled for encryption.

 

  volume show -is-encrypted true

 

 

For more information, please see the ONTAP 9 documentation center.

Re: ONTAP Recipes: Secure data at rest using software encryption and the onboard key manager

how does one manage the keys?

Re: ONTAP Recipes: Secure data at rest using software encryption and the onboard key manager

Re: ONTAP Recipes: Secure data at rest using software encryption and the onboard key manager

Great reference, thanks Robin!