How to configure the Onboard Key Manager (OKM) for password protected boot
Applies to
- Onboard Key Manager (OKM)
- NetApp Volume Encryption (NVE)
- ONTAP 9
Description
This article describes the procedure to configure the Onboard Key Manager (OKM) for password protected boot.
- ONTAP versions 9.4 and later have the capability to require the Onboard Key Manager (OKM) passphrase during the system boot process.
- The OKM protected boot feature protects the ONTAP system from attackers who might gain physical access to the system.
- The OKM passphrase is required during a system boot when the OKM protected boot feature is enabled.
- This feature is particularly useful when physically transporting the ONTAP system from one location to another.
- If desired, the feature can be enabled for transport, and then disabled once transport is complete.