Intel SSD drive encryption.

Version 1
    This document was generated from CDN thread

    Created by: James Horsfall on 18-04-2012 03:42:02 PM
    Hello everyone, 
     
    We have an SRE-V 900 that runs a linux VM, we want to give this unit to customers to demo our software but we're trying to prevent them from being able to remove drives and pull down the VM immage. They will retain ownership of this unit soley for a period of time. I am interested to see if the Intel SSD drive encryption would be something I can use in conjunction with a SRE. So this sparks several questions that I've been suck on, if anyone cna provide some insight that would be greatly apreciated!
     
     
    -Does the ESX hypervisor reside on the drives or is it in some other location on the SRE?
    -Can I even use an intel SSD with an SRE, is this simply plug and play?
    -How would I enter the passphrase when using the intel SSD encryption feature?
     
     
    Thanks all!

    Subject: Re: New Message from James Horsfall in Service Ready Engine Virtualization
    Replied by: Anurag Gurtu on 18-04-2012 03:48:29 PM
    ESXi software is installed on an embedded USB chip within SRE hardware.

    Currently we do not have SSD / SED drives available for SRE hardware. The drives are plug and play provided they are compatible with SRE and purchased from Cisco. Drives bought from a retail store wouldn't get recognized by SRE.

    Thanks

    Anurag Gurtu

    Subject: RE: Re: New Message from James Horsfall in Service Ready Engine Virtualizat
    Replied by: James Horsfall on 18-04-2012 04:12:50 PM
    ESXi software is installed on an embedded USB chip within SRE hardware.

    Currently we do not have SSD / SED drives available for SRE hardware. The drives are plug and play provided they are compatible with SRE and purchased from Cisco. Drives bought from a retail store wouldn't get recognized by SRE.

    Thanks

    Anurag Gurtu

     
    Thanks Anurag,
     
    that throws that out the window, so can the drives be read without the SRE?
    would this damage anything if I tried?
     
    Besides putting this in a RAID 0 is there any other way to protect the data?

    Subject: RE: New Message from James Horsfall in Service Ready Engine Virtualization
    Replied by: Anurag Gurtu on 18-04-2012 04:26:29 PM
    If you can get a connector and mount the drives on a running OS then yes they can be read the content provided the software you are using to mount the drives reads volumes over RAID 0. I don’t think it’s easy but possible.



    Thanks



    Anurag Gurtu, CISSP

    +1 408 424 1680 (O)

    +1 323 620 3224 (C)



    From: Cisco Developer Community Forums [mailto:cdicuser@developer.cisco.com]
    Sent: Wednesday, April 18, 2012 1:13 PM
    To: cdicuser@developer.cisco.com
    Subject: New Message from James Horsfall in Service Ready Engine Virtualization - SRE-V Technical Questions: RE: Re: New Message from James Horsfall in Service Ready Engine Virtualizat



    James Horsfall has created a new message in the forum "SRE-V Technical Questions":

    --------------------------------------------------------------

    ESXi software is installed on an embedded USB chip within SRE hardware.

    Currently we do not have SSD / SED drives available for SRE hardware. The drives are plug and play provided they are compatible with SRE and purchased from Cisco. Drives bought from a retail store wouldn't get recognized by SRE.

    Thanks

    Anurag Gurtu



    Thanks Anurag,

    that throws that out the window, so can the drives be read without the SRE?
    would this damage anything if I tried?

    Besides putting this in a RAID 0 is there any other way to protect the data?
    --
    To respond to this post, please click the following link:

    <http://developer.cisco.com/web/srev/forums/-/message_boards/view_message/5484256>

    or simply reply to this email.