Link to home
Start Free TrialLog in
Avatar of DITGUY
DITGUY

asked on

Recommend an SSD with SED?

I'm looking for the largest SSD I can find in the 2.5inch form factor that supports SED (FIPS hardware encryption).

Any ideas? tech sites haven't done great job allowing this type of search it seems.

This is for a laptop
ASKER CERTIFIED SOLUTION
Avatar of Gary Case
Gary Case
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Silly question .. but does your laptop support booting to  a FIPS-enabled device??
Good question dlethe!
Avatar of DITGUY
DITGUY

ASKER

yes it does. according to my desktop manager who orders them. dell sells a 128GB SED SSD minicard drive. been trying to find one for 256GB
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Yes, that one shold work for you then.
I can't speak for this particular product, but I can tell you with 100% confidence that Dell (well LSI) qualifies specific makes/models of SSDs and there are vendor-specific commands involved.

Even if you have the same make/model of device, there is no guarantee it will work.  (Just like in the case of hard drives.   Firmware matters.  Firmware settings matter, and there is a little thing such as a reserved area where some magic happens with a protected region.  

I am not saying that anything other than the specific dell-branded model(s) WON'T work.  I never have had the need to look at this.  I am just warning you that if you want to try, buy from a vendor that lets you return a used SSD!
Why hardware encryption? For security or just for fulfilling a requirement? If you want security don't trust that hardware encryption is more secure than software. Even with hardware encryption you shouldn't use any sleep mode, always tell windows to completely shut down. A lot of PCs store the disk password somewhere, so you don't need to re-enter it when returning from sleep. But then others also don't need to enter it. And don't depend on the password that windows asks when it comes back from sleep. At this time the disk is already unlocked and can often be copied without knowing the windows password.
msifox - your opinion of hardware encryption, specifically SED is inaccurate.

Software encryption is prone to a multitude of attacks that SED encryption is immune to; it is vulnerable to offline attacks; requires drivers that result in portability/compatibility issues; can be disabled; can be cracked by offline attacks.   Heck, you can crack software encryption easily if you can get the host system to run a subroutine that monitors RAM.

SED encryption as ZERO performance impact.  ZERO.  It is not affected by patches, and works with all operating systems, you can have MULTIPLE passwords, concurrently, with different regions of the HDD; no driver headaches; no patches;  no issues with backup/recovery.

SED code authenticates to the drive on power up, via a pre-boot O/S embedded in the controller, and at that point, the job is done.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of DITGUY

ASKER

dell rep found largest one compatible with our systems but these others would probably worked unofficially.