Skip to main content
NetApp Knowledge Base

Is there a benefit to using NAE and NSE?

Views:
337
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • ONTAP 9
  • NetApp Storage Encryption
  • NetApp Aggregate Encryption
  • NetApp Volume Encryption

Answer

The benefit is by having software (NVE or NAE) and hardware (NSE or NVMe SED), you can achieve double encryption at rest.

Hardware-based data-at-rest encryption (NSE,NVMe SEDs):

  • To prevent unauthorized access to the data, the storage system must authenticate itself with the locked disk using an authentication key at next disk powered-on or powercycle event.

Is there a benefit to using NAE and NSE

Software-based data-at-rest encryption (NVE, NAE):

  • NAE allows ONTAP to encrypt data for each volume, and the volumes can share keys across the aggregate. NVE allows ONTAP to encrypt data
    for each volume for granularity.

Software-based data-at-rest encryption (NVE, NAE)

These technologies encrypt data at the volume and aggregate level, respectively, making the solution agnostic of the physical drive. By using both software (NVE or NAE) and hardware (NSE or NVMe SED), you can achieve double encryption at rest.

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.