Initialize, Configure, Provision and Manage Your Opal SEDs
The Defender Opal SED300 is an ideal solution for securing and protecting data on a system drive. Full disk encryption secures all data stored on the drive, including the OS.
In order to take full advantage of the Defender Opal SED300 security, you will need to initialize the security of the drive. Otherwise the drive will operate just like any other storage device. For initializing, managing and provisioning, Kanguru provides three software options to serve these different needs.
- Kanguru Pre-Boot Authenticator
- Kanguru Opal Commander
- Mass-Provisioning Tool
The Secure Boot ProcessThe Opal specification defines a 128MB hidden Shadow MBR partition, which Kanguru uses to create a secure, pre-boot environment where locked SEDs can be unlocked.
- Secure Boot is activated and Kanguru PBA is loaded to the Shadow MBR.
- Upon cold power-on, only the Shadow MBR is accessible to the host system. The rest of the drive, including the OS, is locked and inaccessible in this state.
- The host system boots Kanguru PBA from the Shadow MBR.
- An authorized user unlocks the drive with a password.
- The Shadow MBR is temporarily de-activated.
- Kanguru PBA triggers a soft-reboot.
- When the host comes back on, it can access the unlocked drive as normal and boots the OS.
When the host system is powered off, the SED loses power which automatically locks the drive and the Shadow MBR is re-activated.
Kanguru Pre-Boot Authenticator
As part of the Secure Boot process, Kanguru PBA allows a user or Admin to unlock a drive from a secure, pre-boot environment. PBA is included with the download of the Kanguru Opal Commander.
Kanguru Opal Commander
The Kanguru Opal Commander is a simple-to-use interface for initializing and managing Opal compliant SEDs throughout the drive’s lifecycle. Opal Commander displays details about Opal compliant drives attached to the host system and provides management options for security features. PBA is included with the Kanguru Opal Commander.
Lock and unlock drives
Secure Boot and PBA management
Cryptographic data wipe
Reset to factory default
The Opal Mass Provisioning Tool (MPT)
The Opal Mass Provisioning Tool batch initializes Opal compliant SEDs. Opal MPT is optimized for the activation of multiple drives by an Administrator through a single, streamlined process, facilitating mass-rollouts.
Configure and batch-initialize multiple drives
Reset drives to factory default