Home > Storage > Unity XT > Storage Admin > Dell Unity Dynamic Pools > Data at Rest Encryption
Data at Rest Encryption (D@RE) is fully supported on systems utilizing traditional pools and dynamic pools. With dynamic pools, changes to the D@RE algorithm were needed for D@RE to be supported. With traditional pools, encryption keys are created and allocated on a per drive basis within the traditional pool private RAID groups. This allocation of encryption keys occurs whenever a pool is created, or drives are added to the traditional pool. Knowing that the drive configuration is static, this model for allocating keys is complete.
With dynamic pools, multiple private RAID groups can span the same drives within a drive partnership group, which makes the traditional pool method of allocating keys not feasible. The key allocation algorithm has been updated to work with the tracking of the drive extents within each drive partnership group. The drive extent algorithm tracks which drives are used within the pool, and with this information, D@RE keys can be allocated to each individual drive. As drives are allocated to the pool, new keys can also be supplied. D@RE continues to be enabled at the time the storage system is initialized, and no further steps are needed for dynamic pools. For more information on Data at Rest Encryption, review the white paper Dell Unity: Data at Rest Encryption – A Detailed Review on Dell Technologies Info Hub.