Seagate ST9160414ASG ユーザーズマニュアル
2
Momentus 7200 FDE.1 SATA Product Manual, Rev. A
1.2
About Momentus 7200 FDE.1 SATA disc drives
Momentus
®
7200 FDE.1 SATA drives contain DriveTrust technology providing Full Disc Encryption (FDE)
using proven Advanced Encryption Standard (AES) data encryption and decryption.
You can elect to use Momentus 7200 FDE.1 SATA drives in one of two different security modes:
1.
The ATA Security mode
To operate in ATA Security mode, you only need a host system and operating system that supports the
existing ATA Security Command Set. The drive is shipped to operating in this mode, ready to use.
existing ATA Security Command Set. The drive is shipped to operating in this mode, ready to use.
2.
The DriveTrust Security mode
To enable a robust enterprise-level security and management policy, you may elect to operate in
DriveTrust Security mode. To do so, you will need to use a third-party security application to manage the
DriveTrust features. Please contact your system or software provider for more details.
DriveTrust Security mode. To do so, you will need to use a third-party security application to manage the
DriveTrust features. Please contact your system or software provider for more details.
Refer to the table below to determine which mode is best for your particular solution.
FDE drive feature list
• Automatically encrypts (and decrypts) all data on the drive
• Operations are performed with no measurable performance loss
• All user data is encrypted on write operations and decrypted on read operations
FDE benefits
• Drive-level protection of data
• Drives that are stolen, taken out of service, or re-purposed remain fully protected
• Near instantaneous disposal and re-purposing of the drive (ensures that data from previous user is not
accessible by the new drive owner)
• Able to be deployed within a trusted computing environment
The drive encrypts every write operation and decrypts every read operation without user intervention. The
encryption and decryption is done on the drive itself, so there is a near-zero performance impact when the
drive writes and reads data. The performance-optimized encryption and decryption engine performs at the
SATA interface speed.
encryption and decryption is done on the drive itself, so there is a near-zero performance impact when the
drive writes and reads data. The performance-optimized encryption and decryption engine performs at the
SATA interface speed.
The purpose of full disc encryption on the drive is to protect the data stored on the drive in the event that the
host system is lost or stolen. This data at rest protection assures the system owner that if their system is lost or
stolen, their data will not be accessible without the correct credentials.
host system is lost or stolen. This data at rest protection assures the system owner that if their system is lost or
stolen, their data will not be accessible without the correct credentials.
Note.
The system reauthenticates the user on powerup and when awakening from sleep mode. It is not
necessary to power down to ensure that the system reauthenticates the user.
necessary to power down to ensure that the system reauthenticates the user.
Table 1:
Security feature matrix
ATA Security mode
DriveTrust mode
Feature
Non-FDE drive
without ATA Security
enabled
without ATA Security
enabled
Non-FDE drive with
ATA Security enabled
ATA Security enabled
FDE drive with ATA
Security enabled
Security enabled
FDE drive operating in
DriveTrust mode via
third-party software
DriveTrust mode via
third-party software
Password required to unlock
No
Yes
Yes
Yes
Full Disk Encryption
No
No
Yes
Yes
At speed encryption
No
No
Yes
Yes
Passwords stored securely
No
Yes
Yes
Yes
Quick erase
No
No
Yes
Yes
Preboot authentication
No
No
No
Yes
Master/User passwords
No
No
No
Yes