Got it
Huawei Enterprise Support Community
Community Forums Storage
Data encryption

Data encryption

Created: Sep 24, 2021 14:44:05Latest reply: Oct 29, 2021 13:53:44 331 3 1 0 0
  HiCoins as reward: 0 (problem unresolved)
View the author 1#

Hello everyone!


Dear @Kashif

I want to know what kind of encryption would handle data storage by replication?


HyperMetroHyperReplication

Like (1) Dislike (0) Favorite(0) Share Report
Previous: Default password of mm_user
Next: Failed to create a LUN
Featured Answers

Recommended answer

(0) (0)
little_fish
Admin Created Sep 26, 2021 01:10:23

Hello spiac,
OceanStor Dorado V6 series storage systems support disk encryption, which provides secure storage services without impacting storage performance.

The disk encryption function has the following characteristics:
1. Data in all disks is encrypted transparently without affecting other features such as mirroring, snapshot, deduplication, and compression.
2. Automatic key lifecycle management and the Key Management Interoperability Protocol (KMIP) are supported, ensuring the openness of key management systems.
If you enable Data Encryption when creating a storage pool, disk encryption is enabled. The storage system activates the AutoLock function on self-encrypting drives (SEDs) and uses the authentication keys (AKs) allocated by the key management server. SED access is protected by the AutoLock function and only the storage system itself can access its SEDs. When the storage system accesses an SED, it acquires an AK from the key management server. If the AK's hash value is consistent with that on the SED, the SED decrypts the data encryption key (DEK) for data encryption/decryption. If the AKs' hash values are different, all read and write operations will fail.

If you do not enable Data Encryption when creating a storage pool, disk encryption is disabled and the AutoLock function of SEDs is deactivated. In this case, the SEDs use the default AKs and access to the SEDs is not restricted. The SEDs can be read and written normally. Data written to the SEDs is encrypted using DEKs, regardless of whether Disk Encryption is enabled.

Key management is critical for disk encryption. OceanStor Dorado V6 series storage systems support internal key management.

A core technology for disaster recovery and a foundation that implements remote data synchronization and disaster recovery. This technology remotely maintains a set of data mirrors through the remote data connection function of the storage devices that are separated in different places. Even when a disaster occurs, the data backup on the remote storage device is not affected. Remote replication can be divided into synchronous remote replication and asynchronous remote replication.
Thanks.
View more
  • x
  • convention:
All Answers
(0) (0)
2#
olive.zhao
olive.zhao Admin Created Sep 24, 2021 14:45:03

Hello, dear!
It's nice to meet you in the community.
We're working on your problem. Please be patient.
View more
  • x
  • convention:
(0) (0)
3#
little_fish
little_fish Admin Created Sep 26, 2021 01:10:23

Hello spiac,
OceanStor Dorado V6 series storage systems support disk encryption, which provides secure storage services without impacting storage performance.

The disk encryption function has the following characteristics:
1. Data in all disks is encrypted transparently without affecting other features such as mirroring, snapshot, deduplication, and compression.
2. Automatic key lifecycle management and the Key Management Interoperability Protocol (KMIP) are supported, ensuring the openness of key management systems.
If you enable Data Encryption when creating a storage pool, disk encryption is enabled. The storage system activates the AutoLock function on self-encrypting drives (SEDs) and uses the authentication keys (AKs) allocated by the key management server. SED access is protected by the AutoLock function and only the storage system itself can access its SEDs. When the storage system accesses an SED, it acquires an AK from the key management server. If the AK's hash value is consistent with that on the SED, the SED decrypts the data encryption key (DEK) for data encryption/decryption. If the AKs' hash values are different, all read and write operations will fail.

If you do not enable Data Encryption when creating a storage pool, disk encryption is disabled and the AutoLock function of SEDs is deactivated. In this case, the SEDs use the default AKs and access to the SEDs is not restricted. The SEDs can be read and written normally. Data written to the SEDs is encrypted using DEKs, regardless of whether Disk Encryption is enabled.

Key management is critical for disk encryption. OceanStor Dorado V6 series storage systems support internal key management.

A core technology for disaster recovery and a foundation that implements remote data synchronization and disaster recovery. This technology remotely maintains a set of data mirrors through the remote data connection function of the storage devices that are separated in different places. Even when a disaster occurs, the data backup on the remote storage device is not affected. Remote replication can be divided into synchronous remote replication and asynchronous remote replication.
Thanks.
View more
  • x
  • convention:
(0) (0)
4#
Unicef
Unicef MVE Created Oct 29, 2021 13:53:44

Good answer
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.