IBM XIV Storage System 214 With 4TB HDDs

Data at rest encryption helps protect sensitive data stored on the system hardware when it is removed due to decommission or theft, as long as the key used to encrypt the data is protected.

Data at rest encryption is supported on IBM XIV Storage System Model 214 for machine types 2810 and 2812 through the use of HDDs that are self-encrypting. SED capability will be enabled with the release of XIV Storage System software version 11.4. This capability is expected to be available in the fourth quarter of 2013.

With XIV implementation, the encryption key is expected to be provided through a Tivoli Key License Manager server that resides in the customer data center and would be connected to the XIV system. The Key License Manager server is not required to be dedicated to the XIV Storage System and can be shared across multiple products in the datacenter for lower TCO.

Model 214 with SED HDDs is designed to deliver the flexibility to apply the data at rest encryption function at any point in time in the system lifecycle, nondisruptively, and without HDD data rewrite. The system with the SED drives stores the data and can run in regular operational mode without Tivoli key encryption. Data at rest encryption for HDD data is designed to be quickly and nondisruptively applied while running software version 11.4, or higher, on the XIV system, connecting the XIV system to a Tivoli Key License Manager server, and running the ‘hot-encrypt’ XCLI command (one-time operation).

This feature will also be supported through a software upgrade to version 11.4, or higher, on all 4TB systems of this machine type model, which will be available July 25, 2013, and include SED drives by default. No additional hardware changes will be required to apply data encryption at rest functionality on those systems in the future. The 4TB SED drives can operate transparently in nonencrypting machines and will be able to provide the desired level of protection nondisruptively upon upgrade to software version 11.4, or higher, while being connected to Tivoli Key License Manager running the ‘hot-encrypt’ XCLI command.

When XIV releases support for data at rest encryption, planned for release during the fourth quarter of 2013, Model 214 with 4TB HDDs are planned to be able to encrypt the data that resides on the system without additional hardware spending needed for future encryption activation.

Support for data at rest encryption will provide:

• Future nondestructive hot-encryption applied to the data already stored on the system’s HDDs without data rewrite
• Upon hot-encryption, the data that resides both on the HDDs and the SSDs will be protected
• Flexibility in the business decision-making process with the option to buy today and decide to apply later, if or when the need for encryption arises

Key prerequisites
Model 214 with SED drives requires XIV Storage System software version 11.3, or later, to run in regular operational mode (nonencrypting). The system will require XIV Storage System software version 11.4, or later, and connectivity with a Tivoli Key License Manager to run in encrypted mode.

Planned availability date

• July 25, 2013: XIV Storage System Gen3 Model 214 machine type 2810 or 2812, 4TB capacity with SED HDDs
• Fourth quarter, 2013: XIV Version 11.4 software