ONTAP Discussions

Will the data be retrievable after a flexvol is destroyed

tatlee
4,621 Views

Just being asked by the customer, will the data be destroyed when the flexvol destroyed? Or if there is any way that the data can be retrieved? The customer want to make sure the data is destroyed as the data is confidential.

Regards,

Terrence

1 ACCEPTED SOLUTION

amiller_1
4,621 Views

So....the only way to absolutely guarantee that (i.e. in a military or intelligence type of environment) is to use Disk Sanitization....that of course requires destroying the entire aggregate and sanitizing the disks.

For regular people though, you're correct -- there's no way to retrieve a FlexVol after it's been deleted. The data isn't zeroed out on disk but is marked as "free" and used whenever the aggregate needs free blocks.

View solution in original post

6 REPLIES 6

amiller_1
4,622 Views

So....the only way to absolutely guarantee that (i.e. in a military or intelligence type of environment) is to use Disk Sanitization....that of course requires destroying the entire aggregate and sanitizing the disks.

For regular people though, you're correct -- there's no way to retrieve a FlexVol after it's been deleted. The data isn't zeroed out on disk but is marked as "free" and used whenever the aggregate needs free blocks.

radek_kubka
4,621 Views

Disk Sanitization is a way to go - it is free of charge & it actually overwrites the disks, making previously stored data un-recoverable.

As pointed out, deleting flexvol doesn't actually physically destroy the data & I vaguely remember NetApp support guys can (sometimes) help with un-deleting a flexvol (don't quote me on this though).

Regards,
Radek

amiller_1
4,621 Views

I'm pretty sure the only way Global Support could do this would be by rolling back an aggregate snapshot....so you disable those...

I'd be curious to know if I'm wrong here though.

Practically speaking, a volume once deleted can't be recovered (barring someone physically stealing the drives and sending them to a drive recovery place that has reverse engineered WAFL....i.e. back to the "can't be recovered practically speaking").

tatlee
4,621 Views

Thanks Andrew. That's what I need to know.

Regards,

Terrence Lee

NetApp Global Services

NetApp

852.3605.7700 Main

852.9181.8824 Mobile Phone

terrence.lee@netapp.com

Learn how: netapp.com/guarantee

tatlee
4,621 Views

Andrew,

Thanks for the info. There is another stupid question. If I destroyed a flexvol, then I create another with the same size; will the same spaces/cylinders used to form the flexvol as the last one? And will the old data can be seen again?

Regards,

Terrence Lee

NetApp Global Services

NetApp

852.3605.7700 Main

852.9181.8824 Mobile Phone

terrence.lee@netapp.com

Learn how: netapp.com/guarantee

adamfox
4,621 Views

There is no gurantee that you'd get the exact same disks, cylinders, etc.  You should not see the old data when you create the new volume since the blocks will be marked as free even if you got the exact same sectors.

For normal people, destroying a volume is sufficient.  For highly-qualified forensics folks, it's probably not suffcient.  It really depends on who you think is going to try and get your data.  Do an realisitic and honest risk assessment.  For example, if you can't justify paying the service upcharge to not return failed disks, you probably shouldn't worry about this level of data recovery.

Just a thought.

Public