Skip to main content

NetApp_Insight_2020.png 

NetApp Knowledgebase

How to cryptographically sanitize a system with all self-encrypting disks (SEDs)

Views:
61
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • SED
  • NSE
  • Encryption

Description

 Sanitizing one or more self-encrypting disks (SEDs), renders the existing data on the SEDs impossible to retrieve. This operation employs the inherent erase capability of SEDs to perform all of the following changes:

  • Changes the disk encryption key to a new random value
  • Resets the power-on lock state to false
  • Sets the data authentication key (AK) to the default manufacture secure ID (MSID).
 
There is no method to restore the disk encryption key to its previous value, meaning that you cannot recover the data on the SED.
 
Use this command with extreme care.