[prev in list] [next in list] [prev in thread] [next in thread] 

List:       toasters
Subject:    Re: Zeroing out disks
From:       Dirk Schmiedt <Dirk.Schmiedt () munich ! netsurf ! de>
Date:       2004-07-30 22:30:15
Message-ID: 410ACBF7.9060405 () munich ! netsurf ! de
[Download RAW message or body]

Hello Chris, hi Toasters

>>If your focus is on data destruction:
>>
>>If you really want to wipe the old data for data security reasons you should
>>buy a "sanitation" license from NetApp to have a legally approved wipe out
>>process.  disk sanitize start ...  
>>
>
>"Legally approved" ? 
>  
>
"Almost" legally approved: The Sysadmin Storage Management Guide pdf, 
Chapter 5) Disk Management, p.233 informs us:
NetApp ONTAP disk sanitation is compliant to U.S. DoD and DoE security 
requirements.
You, as an inhabitant of the "51st state of america" ;-), and probably 
native english speaker can interpret this better than I can do.

>The description in the man page doesn't sound all _that_ strong:
>
>| If no patterns are specified, the default is 3 using pattern 0x55
>| on the first pass, 0xaa on the second, and 0x3c on the third.  
>

The manpage and the Storage MG differ at ONTAP 6.5.1R1:
The Storage Management Guide pdf says: 6 cycles with these three pattern 
are the default behaviour.
The manpage of "disk" talks about just one single default cycle with 
those three different patttern which definitely would be not be enough.

I could not check the correctness of the value in the Storage MG yet, 
because these activities are invisible at the "statit" disk analysis,
and the disk sanitation only shows the progress in % not in cycles.

=> If somebody is really interested in the (current) truth:
Please measure the time needed to wipe it with -c 1, -c 2, ... and 
without any "-c X" to find out the real (current) default number of 
cycles. :-)
I didn't have the time/need to do so yet.

Or maybe just a netapp engineer can clarify the default cycle value?

>Colleagues? (I presume). It's the litigious users I would be worried 
>about, not my colleagues...
>  
>
You guessed right. I meant colleagues. (I should not be sitting at the 
keyboard after twelve hours of giving NetApp lectures in a foreign 
language.)
b.t.w. If you flood the network unnecessary, they all will try to kill 
you (imho). Even if they are not your colleagues. :-) Even I would do 
so. ;-)

Smile & regards!
Dirk

[prev in list] [next in list] [prev in thread] [next in thread]