2
Momentus 5400 FDE Product Manual, Rev. C
1.2 About Momentus 5400 FDE disc drives
The Momentus 5400 FDE contains drive trust technology providing Full-Disc Encryption (FDE) using proven
Triple DES (TDES) data encryption and decryption.
Feature list
• Automatically encrypts (and decrypts) all data on the drive
• Operations are performed with no measured performance loss
• All user data is encrypted on write operations and decrypted on read operations
Benefits
• Drive-level protection of data
• Drives that are stolen, taken out of service, or re-purposed remain fully protected
• Near instantaneous disposal and re-purposing of the drive (ensures that data from previous user is not
accessible by the new drive owner)
• Able to be deployed within a trusted computing environment
The drive encrypts every write operation and decrypts every read operation without user intervention. The
encryption and decryption is done on the drive itself, so there is a near-zero performance impact when the
drive writes and reads data. The performance-optimized encryption and decryption engine performs at the ATA
interface speed.
The purpose of full-disc encryption is to protect the data stored on the drive in the event that the host system is
lost or stolen. This assures the system owner that if their system is lost or stolen, their data will not be accessi-
ble without the correct credentials.
Having the encryption/decryption on the drive also provides the highest level of security for data because all
data, including the boot sector bytes, operating system, temp and even the swap files are encrypted at the
drive level.
The Momentus 5400 FDE contains two security interfaces:
1. The ATA Security Interface
This interface is provided for compatibility with the existing ATA Security Command Set. The ATA Security
Interface is active upon shipment and ready for use.
2. The Drive Trust Security Interface
This interface is provided to enable a robust enterprise-level security and management policy. Use of the
Drive Trust Security Interface requires additional software to manage the Drive Trust interface. Please con-
tact your system or software provider for more details.
1.2.1 Drive state upon shipment
Upon shipment from the Seagate factory, the ATA Security Interface is enabled and functioning. The following
is the detailed state of the drive upon shipment.
• Full Disc Encryption (FDE) is active and functioning. All user data is encrypted on write and decrypted on
read.
• The user interface to the drive is active and all read and write commands are allowed.
• The ATA user password is null (no value).
• The ATA master password is set to the Security ID (SID).
• ATA Security is set to the unlocked state. No password is required to access the drive.