Intel, please confirm the following:
- With the Intel M.2 Pro 2500 & the 2.5" S3500 SSD's, if we enable the Bios HD password on the Dell Laptop (E6440 & E7450), that the Full Disk Encryption (AES 256) is then enabled on those drives without any other software needed?
The above is how we have our Intel 2.5" 320 SSD's setup. I want to make sure as we move to hundreds of new Intel M.2 Pro 2500 & 2.5" S3500 SSD's, the above is accurate for FDE?
The Intel® SSD Pro 2500 and Intel® SSD DC S3500 are Self Encrypting drives, supporting AES 256-bit hardware encryption.
This feature is always enabled and the data is encrypted and decrypted using a key, however, this is transparent to the the user unless you set a password (for example using ATA password security in the BIOS), then the password will be needed to decrypt the encryption key and access the drive. This way, it would be virtually impossible to read the data unless you have the security password.
It is good to mention that the Intel® SSD Pro 2500 also supports TCG* Opal SSC which is not compatible with ATA security. If you plan to use Opal security (for example with Windows eDrive*), make sure there is no ATA password configured.
Thank you Jonathan.
We currently use ATA passwords in the laptops bios as a key to encrypt/decrypt our current 400+ batch of Intel SSD's. Per your reply above, we should be able to continue using this method for the Intel SSD Pro 2500 (M.2) & the 2.5" S3500 & I am assuming S3610's.
Can you provide a link to specific PDF or docs from Intel's site that verifies the above for the models above. I can find the PDF files for the Intel SSD 320 regarding ATA HD passwords, but I cannot find any docs on Intel's site that states that you can use the ATA bios HD password as the key to encryption/decrypting the Pro 2500 or the S3500. The docs for the Pro 2500 & S3500 only talk about Opal, which we are not interested in at this time.
We do not have updated PDF files that explain this specifically for the drives you mention, however, you can continue to use the same security method with you new drives.
Having an updated document with this information would be great and we will take your feedback into consideration, but this will have to be analyzed and would take time to be implemented.
For now, the product specifications of the Intel® SSD Pro 2500 mention that is a hardware-based self-encrypting drive (SED), also, you can find a response to a similar question about the Intel® SSD DC S3500 in the following thread:
Also, you can find more information about SED drives, AES and ATA password behavior in page 3 of the following document: