As Stated previously, you need to order the feature code to enable encryption and you will need to create the arrays as encrypted. If you have already configured your pools and Arrays, you cannot convert from non encrypted to encrypted without recreating those objects.
For more information on this and other security topics, please reference the documentation:
https://www.ibm.com/docs/en/flashsystem-9x00/8.5.x?topic=planning-security
https://www.ibm.com/docs/en/flashsystem-9x00/8.5.x?topic=configuring-encryption
https://www.redbooks.ibm.com/abstracts/redp5678.html
------------------------------
Evelyn Perez
------------------------------
Original Message:
Sent: Sun February 26, 2023 08:44 AM
From: T Masteen
Subject: IBM FlashCore Modules Encryption
In Redpaper IBM FlashSystem 9500 Product Guide is written:
The IBM FlashCore Modules and NVMe Flash SSD type drives, including the SCMs, in the IBM FlashSystem 9500 control enclosure are self-encrypting drives (SEDs).
With SEDs, you can encrypt the data on the drive within the hardware.
You can use SEDs without enabling encryption on the system, but SEDs are unlocked by default unless they are configured with extra protection.
Q: How do we configure the extra protection?
------------------------------
T Masteen
------------------------------