Seagate ST9250424AS Computer Drive User Manual


 
2
Momentus 7200 FDE.1 SATA Product Manual, Rev. A
1.2 About Momentus 7200 FDE.1 SATA disc drives
Momentus
®
7200 FDE.1 SATA drives contain DriveTrust technology providing Full Disc Encryption (FDE)
using proven Advanced Encryption Standard (AES) data encryption and decryption.
You can elect to use Momentus 7200 FDE.1 SATA drives in one of two different security modes:
1. The ATA Security mode
To operate in ATA Security mode, you only need a host system and operating system that supports the
existing ATA Security Command Set. The drive is shipped to operating in this mode, ready to use.
2. The DriveTrust Security mode
To enable a robust enterprise-level security and management policy, you may elect to operate in
DriveTrust Security mode. To do so, you will need to use a third-party security application to manage the
DriveTrust features. Please contact your system or software provider for more details.
Refer to the table below to determine which mode is best for your particular solution.
FDE drive feature list
Automatically encrypts (and decrypts) all data on the drive
Operations are performed with no measurable performance loss
All user data is encrypted on write operations and decrypted on read operations
FDE benefits
Drive-level protection of data
Drives that are stolen, taken out of service, or re-purposed remain fully protected
Near instantaneous disposal and re-purposing of the drive (ensures that data from previous user is not
accessible by the new drive owner)
Able to be deployed within a trusted computing environment
The drive encrypts every write operation and decrypts every read operation without user intervention. The
encryption and decryption is done on the drive itself, so there is a near-zero performance impact when the
drive writes and reads data. The performance-optimized encryption and decryption engine performs at the
SATA interface speed.
The purpose of full disc encryption on the drive is to protect the data stored on the drive in the event that the
host system is lost or stolen. This data at rest protection assures the system owner that if their system is lost or
stolen, their data will not be accessible without the correct credentials.
Note. The system reauthenticates the user on powerup and when awakening from sleep mode. It is not
necessary to power down to ensure that the system reauthenticates the user.
Table 1: Security feature matrix
ATA Security mode DriveTrust mode
Feature
Non-FDE drive
without ATA Security
enabled
Non-FDE drive with
ATA Security enabled
FDE drive with ATA
Security enabled
FDE drive operating in
DriveTrust mode via
third-party software
Password required to unlock No Ye s Ye s Ye s
Full Disk Encryption No No Yes Yes
At speed encryption No No Yes Yes
Passwords stored securely No Ye s Ye s Ye s
Quick erase No No Yes Yes
Preboot authentication No No No Yes
Master/User passwords No No No Yes