Platform and Infrastructure
-
NIST media sanitization support for NVMe disks (QFX5240-64OD and QFX5240-64QD)—Starting in Junos OS Evolved Release 23.4X100-D20, we've extended NIST media sanitization support to NVMe solid-state drives (SSDs) to sanitize the drives using:
-
Cryptographic scramble, block erase, and NVMe format with user data erase priorities for the purge method.
-
NVMe format priority for the clear method.
For example, you can use this high level of data destruction when you pull a device from production. To maintain data security, you want to sanitize any drives in the device before it leaves your premises. The NIST Special Publication 800-88 specifies the priority levels for sanitizing drives. In Junos OS Evolved, you sanitize an NVMe drive using the
request system zeroize
command. The sanitization process starts at the highest NIST sanitization priority level that the drive supports. If that attempt fails, the process uses the method associated with the next lowest NIST priority level, and so on, until the drive is sanitized either using one of the NIST methods or using the Linuxdd
command.[See NIST Special Publication 800-88, Guidelines for Media Sanitization.]
-