If this document does not correspond to your current software version, you can go to Download Center to find other available document versions.


QuTS hero 5.0.x

Download (PDF)

Self-Encrypting Drives (SEDs)

A self-encrypting drive (SED) is a drive with encryption hardware built into the drive controller. SEDs automatically encrypt all data as it is written to the drive and decrypt all data as it is read from the drive. Data stored on SEDs are always fully encrypted by a data encryption key, which is stored on the drive's hardware and cannot be accessed by the host operating system or unauthorized users. The encryption key can also be encrypted by a user-specified encryption password that allows the SED to be locked and unlocked.

Because encryption and decryption are handled by the drive, accessing data on SEDs does not require any extra CPU resources from the host device. Data on SEDs also become inaccessible if the SEDs are physically stolen or lost. For these reasons, SEDs are widely preferred for storing sensitive information.

In QuTS hero, you can use SEDs to create SED secure storage pools. You can also use SEDs to create regular storage pools, but the self-encrypting function on the SEDs would be disabled.