Data-at-rest encryption and Rapid Data Locking (RDL)
To understand how the Rapid Data Locking (RDL) feature fits in, it helps to know how Data-At-Rest Encryption works on the Pure Storage FlashArray device. For information about Data-At-Rest Encryption, refer to the wp-flasharray-data-security-and-compliance.pdf document, which is contained in the Pure Storage FlashArray folder on SharePoint.
Some environments require external key management to lock down a forward-deployed array. The Pure Storage FlashArray KMIP RDL solution makes it possible to use the for this purpose.
With KMIP RDL, a secondary user-controllable key is introduced that enables you to unlock the array flash modules. The KMIP keys are remotely accessed from a KMIP server, such as . Without access to the server, the flash modules cannot be unlocked on power-on.
You can enable RDL during installation or at any time thereafter, and it is permanent afterward. It applies to all of an array’s SSDs, including those added afterward.