- ONTAP 9
- Onboard Key Manager (OKM)
- NetApp Volume Encryption (NVE)
- NetApp Storage Encryption (NSE)
The cluster passphrase used to configure OKM is unknown and there are encrypted volumes or disks.
- ONTAP provides the ability to be configured for onboard key management to encrypt data at rest.
- The configuration is secured with a cluster-wide passphrase that is entered when the onboard key manager is configured and can be changed as needed.
- If the cluster-wide passphrase is lost, the recovery procedure involves unencrypting any volume using NVE or NAE encryption in order to reconfigure onboard key manager.