IBM FlashSystem

IBM FlashSystem

Find answers and share expertise on IBM FlashSystem

 View Only

  • 1.  Secure data deletion on v5000 Gen1 and v3700 Gen1 SANs

    Posted Tue January 09, 2024 06:29 PM

    Hello again, everyone. Do IBM/Lenovo v3700 Gen1 and v5000 Gen1 SANs have a built in mechanism for securely deleting ALL data on them?



    ------------------------------
    John
    ------------------------------


  • 2.  RE: Secure data deletion on v5000 Gen1 and v3700 Gen1 SANs

    Posted Wed January 10, 2024 02:57 AM

    Hi John!

    Can't test it myself right now, as we don't have a V3700 anymore, but I think the closest thing would be to run chrive -task format <drive_id> via cli for each drive.  If I remember correctly that option was not available in the GUI.

    That is of course if you don't use encryption, in which case the easiest way make your data inaccessible is to just destroy all keys.


    Best regards,

      Alexander



    ------------------------------
    Alexander Reichle-Schmehl
    ------------------------------

    Original Message


  • 3.  RE: Secure data deletion on v5000 Gen1 and v3700 Gen1 SANs

    Posted Wed January 10, 2024 04:28 AM

    Hello John,

    there is no built in mechanism for secure data overwrite on this product. You can use the command mentioned by Alexander to format all drives in candidate state using the following syntax:

    lsdrive -nohdr | grep candidate | while read id rest; do svctask chdrive -task format $id; sleep 10; done

    Then you can check the progress with the command "lsdriveprogress"

    Best regards, Mousa



    ------------------------------
    Mousa Hammad
    ------------------------------

    Original Message


  • 4.  RE: Secure data deletion on v5000 Gen1 and v3700 Gen1 SANs

    Posted Wed January 10, 2024 03:02 PM

     BitRaser is tested and approved by NIST and DHS. https://www.bitraser.com/



    ------------------------------
    Russell Shacklock
    IBM Power and Storage Specialist
    TD Synnex UK
    +447872400311
    ------------------------------

    Original Message


  • 5.  RE: Secure data deletion on v5000 Gen1 and v3700 Gen1 SANs

    Posted Wed January 10, 2024 03:09 PM

    Thank you, Russell! I appreciate your input.

    I'll definitely look into it.



    ------------------------------
    John
    ------------------------------

    Original Message


  • 6.  RE: Secure data deletion on v5000 Gen1 and v3700 Gen1 SANs

    Posted Wed January 10, 2024 04:41 AM
    Edited by Patrik Groß Wed January 10, 2024 04:41 AM

    Hello John,

    that depends on which media are installed, if they are classic hard drives, you can format the hard disks after they have been removed from a pool, RAID or DRAID and are available as candidates as described by Alexander and Mousa. This does not work with flash memory on a V3700 Gen 1, as the formatting of the disk is intercepted by the SSD firmware.  The "erase" parameter for chdrive was only introduced with Virtualize 8.3.x. The only way to ensure that SSDs no longer contain any meaningful data in this constellation is to completely overwrite them with random data. Of course, the cluster itself must then be reset.

    Regards Patrik



    ------------------------------
    Patrik Groß
    ------------------------------

    Original Message


  • 7.  RE: Secure data deletion on v5000 Gen1 and v3700 Gen1 SANs

    Posted Wed January 10, 2024 01:29 PM

    Thanks to Alexander, Mousa (again) and Patrik for replying! This is exactly what I was looking for. I'll give it a try when I'm next able to.

    As far as hard drives go, our v3700 SANs have no SSDs in them. However, while unlikely, the v5000 may. Unfortunately, it's offline at the moment, so I can't reach it via the network.

    In the event it does, I may need your collective assistance answering a semi-related question regarding SSDs, which I'll post separately.

    Thanks again for your time!



    ------------------------------
    John
    ------------------------------

    Original Message