Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Secure erase hard drives Dell PE 195

Posted on 2013-06-21
12
Medium Priority
?
979 Views
Last Modified: 2016-11-23
I have a Dell PE 1950 server with a PERC 5/I embedded SAS controller.

I need to securely erase some SAS drives.

I do not see any way in the controller configuration to just pass through the drives, instead I can only create virtual drives, which does not securely erase the drive.

Any ideas?
0
Comment
Question by:John Tolmachoff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
12 Comments
 
LVL 47

Assisted Solution

by:David
David earned 2000 total points
ID: 39267381
If you don't want to get a JBOD SAS controller, then configure a RAID1 & erase the volume.  You'll get 99.999% of the drive .. everything except for a few MB of data structures specific to the controller.  No user data will be there.
0
 
LVL 56

Expert Comment

by:andyalder
ID: 39268110
If you configure one virtual drive that uses all the space then dban will erase all the user data except for anything that's been relocated to a spare block. Or you can configure each disk as a single virtual drive and do the same erase.

There are some paid-for products that understand the controller so can deconstruct the RAID into individual disks and then print off a certificate with the serial number of the disk on it for "proof" if needed.
0
 
LVL 30

Expert Comment

by:pgm554
ID: 39268113
I think if you just set it up as RAID 0 in the controller,you can probably erase that way.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 47

Expert Comment

by:David
ID: 39268122
No, do RAID1. It will accomplish the same thing in half the time.   (Either way the metadata will be preserved. So if you have a 300TB disk, would you rather write/verify a 299.9GB LUN, or a 599.8GB  LUN?)
0
 
LVL 30

Expert Comment

by:pgm554
ID: 39268171
I think the way that controller works is that it sets it up as 2 jbods when set to raid 0.
From there you just run the secure erase for both at the same time.

Six one way ,half a dozen the other.
0
 
LVL 1

Author Comment

by:John Tolmachoff
ID: 39268196
And somewhere in between is the middle.

;)

Thanks guys, I will try this later today I hope.
0
 
LVL 47

Accepted Solution

by:
David earned 2000 total points
ID: 39268297
No, it is not the same. If you make it RAID1 then it will take less time. The RAID controller will  be writing the data to the 2nd disk transparently in the background while you write in the foreground.  Your app only needs to write half the amount of data in the foreground.

Since this won't be a compliant erase anyway, then consider the additional benefits of the last phase, the verification phase.  You'll get read load balancing, So if this is the standard DoD write 0, write 1, write random, read, then the last phase will take half as long.

Not only that, but all writes will take less time in addition to having fewer foreground writes.  Why? Because the write cache guarantees 100% of writes will be cached to 2nd drive in RAID1.

But in 2xRAID0 then 0% of the writes will be cached, plus you have to do 2X the number of writes.  [just make sure write-back cache is enabled, which is probably the default]

If you were doing more drives, then RAID1 would be even faster because you wouldn't have to deal with bus saturation as much either.

Since the disks are rather small, since I expect they are pretty old, then why not do a test?

Benchmark total time for 2 instances of doing the RAID0, then do the RAID1.  But make sure that before benching the RAID1 you make sure the controller has finished initializing/mirroring the array before you start.  That will take a few hours at least.

Then we'll see ;)
0
 
LVL 56

Expert Comment

by:andyalder
ID: 39268309
Don't want read load balancing after erasing, you would be verifying that half the data on one disk and half on the other has been zeroed out.
0
 
LVL 47

Expert Comment

by:David
ID: 39268341
it won't be compliant anyway, unless you have a true non-RAID controller. Since you are writing the data immediately before the validation  phase, then only way a RAID-based config  wouldn't be correct is if you have unrecoverable write errors.

Any unrecoverable write errors on a secure erase mean that the HDD has to be physically destroyed.  So as long as the controller doesn't report any such errors then the data will match.    (and if you get an unrecoverable read error on a disk, then no worries, because you already know the data was erased on those blocks, so you are OK)

Now you do risk that the disks were short stroked (reprogrammed to show that there are fewer blocks on the drive then there really are.  The easy way to figure out if the disks were reprogrammed is to look at the make/model info and read up the specs, then look at the size of the disks that are reported to the BIOS (which should match), or the size of a RAID 1 reported by the O/S .. the unaccounted for data is metadata, and should be around 32 MB).
0
 
LVL 1

Author Comment

by:John Tolmachoff
ID: 39273283
Test A: Created one RAID1 volume, initialized, then did a DoD 5220.22-M wipe, then ran a consistancy check. 2 hours 13 minutes

Test B: Created one RAID0 volume, initalized, then did a DoD 5220.22-M wipe, no consitnacy check available. 3 hours 51 minutes

Test C: Created 2 RAID0 volumes (one for each drive,) initalized then did a DOD 5220.22-4 wipe, no consitancy check available. 4 hours 2 mintues
0
 
LVL 1

Author Closing Comment

by:John Tolmachoff
ID: 39273291
Thanks guys. Not the ideal solution, but it works, since I do not have to certify them, just secure wipe them before scrapping them.
0
 
LVL 47

Expert Comment

by:David
ID: 39273341
Like I wrote ... it will do it in half the time, and you even penalized the RAID1 by making it do a 5th pass by forcing a manual consistency check ;)
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your phone running out of space to hold pictures?  This article will show you quick tips on how to solve this problem.
This article shows how to use a free utility called 'Parkdale' to easily test the performance and benchmark any Hard Drive(s) installed in your computer. We also look at RAM Disks and their speed comparisons.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question