cancel
Showing results for 
Search instead for 
Did you mean: 

Intel 320-series SSD and FDE (Full Disk Encryption) questions...

idata
Esteemed Contributor III

I am considering to buy a couple of new solid state drives for my company. A requirement is FDE and according to some info I found the new 320 series should support this. I have a few questions:

1. As far as I know none of our computers have any support in BIOS for disk password. Is this required for FDE to work with the 320 series or how exactly does the encyption / password entry work?

2. If we would like to use a RAID configuration (RAID 0 striping) is it still possible to use FDE and if so do one have to enter a password for each disk?

3. What about using two disks in the samer computer (non-raid) that is used to dual boot two different operating systems (say Linux and Windows 7) installed one OS on each drive - does FDE work in this case and would one have to enter a password twice?

4. Is the FDE solution dependent on some support in the OS (in that case what OS does it work with) or is it independent?

5. Do you have some white paper about the FDE with for instance information about how much slower it is compared to a non FDE drive?

6. I have read that TRIM does not work with SSDs in RAID configuration. Is this still the case and how dependent is the 320-series of TRIM?

/Trist

CORRECTION : I just found that our Dell Precision M6500 computers do have a field in the BIOS for disk password so I am interested in the questions above (two disks in the machine with or without RAID) also for this configuration. How do I know if the 320-serias FDE is compatible with the disk password setting in the dell M6500 machines? Is there a standard for this that all BIOS manufacturers follows or??

123 REPLIES 123

idata
Esteemed Contributor III

setting a hard drive password for the drive itself is setting an ATA password for the drive. your bios must have this option And i thought your HP model does but i think they call it something else And theres little documentation on how HP implements it...

setting this will secure your drive since the 520 is self encrypting... if you have your old laptop you can try putting the drive into it And set a hard disk password then pop the drive into the HP And see if you can boot after entering the drive password if it prompts you...

idata
Esteemed Contributor III

thank you. thannks for posting the chart!

idata
Esteemed Contributor III

if you have a mac, like me, you cannot take advantage of this feature. Apple has left out the ATA security password feature in its EFI implementation. There is nothing that can be done unless Apple issues a firmware update adding support for this feature. Yay apple.

idata
Esteemed Contributor III

So let me get this straight, if I don't have the HDD password or SATA password function in my BIOS then I am not able to take advantage of the FDE encryption on the 320 series?

If true that is pretty lame, seeing as how a good number of people get these drives for their desktop computers, which are less likely to have that option in their BIOS settings. I checked mine earlier hoping that I did have it, but go figure, I do not. I only have User password and Supervisor password, even checking through every BIOS setting there is no mention of SATA password or HDD password.

So what are my options? Am I completely out of luck?

idata
Esteemed Contributor III

Search for ATA security eXtension (ATASX). This approach uses discrete LAN controller (its bootrom to be more precise) to add ATA password prompt during boot. It works only if disk is in IDE mode.

You can boot to one of the micro-linuxes or live-cds and use hdparm utility to manipulate ATA security state of the disk. This should work in AHCI as well as IDE mode. Security status (locked/unlocked/frozen) is preserved during warm reboot.