Self-Encrypting Drive (SED) refers to SSDs with built-in full-disk encryption. The SED feature provides data privacy security against SSD theft. The customer can enable SSD data encryption, based on an authentication password. The Pre-Boot Authenticator is stored in SSD’s Controller MBA and unlocks the drive during the boot process.
Minimum BIOS Versions
- NSR-COMP-EXPN (10518T00)
- NSR (10518T00)
- GSR (10617T00)
- LSR (10730T00)
- BSR (10813T00)
Device Conditions
- System’s Boot Mode must be UEFI.
- Self-Encrypting Drive Pre-Boot Authenticator must be installed.
- After feature is enabled, a power cycle is required to activate.
- Lock Password is required to disable this feature.
Security Adjustments to System
- PxE Boot is disabled.
- Boot Order is set to SSD Only.
- When Password-and Protected Boot is enabled, use of Rescue Mode requires authentication.
- Secure Boot is strongly recommended.