ThinkSystem 5200 Entry SATA 6Gb SED SSDsProduct Guide

Abstract

The ThinkSystem 5200 Entry SATA 6Gb solid-state drives (SSDs) are high-performance self-encrypting drives (SEDs) that adhere to the Federal Information Processing Standard 140-2 (FIPS 140-2) cryptographic standard. They use Micron NAND flash memory technology with a SATA 6Gbps interface to provide an affordable solution for secure read-intensive workloads.

This product guide provides essential presales information to understand the 5200 Entry SED SSD offerings, their key features and specifications, components and options, and configuration guidelines. This guide is intended for technical specialists, sales specialists, sales engineers, IT architects, and other IT professionals who want to learn more about the SSDs and consider their use in IT solutions.

Change History

Changes in the November 30 update:

Introduction

The ThinkSystem 5200 Entry SATA 6Gb solid-state drives (SSDs) are high-performance self-encrypting drives (SEDs) that adhere to the Federal Information Processing Standard 140-2 (FIPS 140-2) cryptographic standard. They use Micron NAND flash memory technology with a SATA 6Gbps interface to provide an affordable solution for secure read-intensive workloads.

The 5200 Entry SATA SED SSD is shown in the following figure.

5100 Enterprise Mainstream SATA SSD
Figure 1. ThinkSystem 5200 Entry SATA 6Gb SED SSDs

Did you know?

Self-encrypting drives (SEDs) provide benefits by encrypting data on-the-fly at the drive level with no performance impact, by providing instant secure erasure thereby making the data no longer readable, and by enabling auto-locking to secure active data if a drive is misplaced or stolen from a system while in use. These features are essential for many businesses, espeically those storing customer data.

Rigorous testing of the 5200 Series SSDs by Lenovo through the ServerProven program assures a high degree of storage subsystem compatibility and reliability. Providing additional peace of mind, these drives are covered under Lenovo warranty.

Part number information

The following table lists the ThinkSystem part numbers.
Table 1. ThinkSystem ordering information
Part number Feature Description
2.5-inch hot-swap drives - ThinkSystem
4XB7A13966 B4G8 ThinkSystem 2.5" 5200 480GB Entry SATA 6Gb Hot Swap SSD SED

The benefits of drive encryption

Self-encrypting drives (SEDs) provide benefits in three main ways:

  • By encrypting data on-the-fly at the drive level with no performance impact
  • By providing instant secure erasure (cryptographic erasure, thereby making the data no longer readable)
  • By enabling auto-locking to secure active data if a drive is misplaced or stolen from a system while in use

The following sections describe the benefits in more details.

Automatic encryption

It is vital that a company keep its data secure. With the threat of data loss due to physical theft or improper inventory practices, it is important that the data be encrypted. However, challenges with performance, scalability, and complexity have led IT departments to push back against security policies that require the use of encryption. In addition, encryption has been viewed as risky by those unfamiliar with key management, a process for ensuring a company can always decrypt its own data. Self-encrypting drives comprehensively resolve these issues, making encryption both easy and affordable.

When the self-encrypting drive is in normal use, its owner need not maintain authentication keys (otherwise known as credentials or passwords) in order to access the data on the drive. The self-encrypting drive will encrypt data being written to the drive and decrypt data being read from it, all without requiring an authentication key from the owner.

Drive retirement and disposal

When hard drives are retired and moved outside the physically protected data center into the hands of others, the data on those drives is put at significant risk. IT departments retire drives for a variety of reasons, including:

  • Returning drives for warranty, repair, or expired lease agreements
  • Removal and disposal of drives
  • Repurposing drives for other storage duties

Nearly all drives eventually leave the data center and their owner's control. Corporate data resides on such drives, and when most leave the data center, the data they contain is still readable. Even data that has been striped across many drives in a RAID array is vulnerable to data theft because just a typical single stripe in today’s high-capacity arrays is large enough to expose for example, hundreds of names and bank account numbers.

In an effort to avoid data breaches and the ensuing customer notifications required by data privacy laws, companies use different methods to erase the data on retired drives before they leave the premises and potentially fall into the wrong hands. Current retirement practices that are designed to make data unreadable rely on significant human involvement in the process, and are thus subject to both technical and human failure.

The drawbacks of today’s drive retirement practices include the following:

  • Overwriting drive data is expensive, tying up valuable system resources for days. No notification of completion is generated by the drive, and overwriting won’t cover reallocated sectors, leaving that data exposed.
  • Methods that include degaussing or physically shredding a drive are expensive. It is difficult to ensure the degauss strength is optimized for the drive type, potentially leaving readable data on the drive. Physically shredding the drive is environmentally hazardous, and neither practice allows the drive to be returned for warranty or expired lease.
  • Some companies have concluded the only way to securely retire drives is to keep them in their control, storing them indefinitely in warehouses. But this is not truly secure because a large volume of drives coupled with human involvement inevitably leads to some drives being lost or stolen.
  • Professional disposal services is an expensive option and includes the cost of reconciling the services as well as internal reports and auditing. Transporting of the drives also has the potential of putting the data at risk.

Self-encyrpting drives eliminate the need to overwrite, destroy, or store retired drives. When the drive is to be retired, it can be cryptographically erased, a process that is nearly instantaneous regardless of the capacity of the drive.

Instant secure erase

The self-encrypting drive provides instant data encryption key destruction via cryptographic erasure. When it is time to retire or repurpose the drive, the owner sends a command to the drive to perform a cryptographic erasure. Cryptographic erasure simply replaces the encryption key inside the encrypted drive, making it impossible to ever decrypt the data encrypted with the deleted key.

Self-encrypting drives reduce IT operating expenses by reducing asset control challenges and disposal costs. Data security with self-encrypting drives helps ensure compliance with privacy regulations without hindering IT efficiency. So called "Safe Harbor" clauses in government regulations allow companies to not have to notify customers of occurrences of data theft if that data was encrypted and therefore unreadable.

Furthermore, self-encrypting drives simplify decommissioning and preserve hardware value for returns and repurposing by:

  • Eliminating the need to overwrite or destroy the drive
  • Securing warranty returns and expired lease returns
  • Enabling drives to be repurposed securely

Auto-locking

Insider theft or misplacement is a growing concern for businesses of all sizes; in addition, managers of branch offices and small businesses without strong physical security face greater vulnerability to external theft. Self-encrypting drives include a feature called auto-lock mode to help secure active data against theft.

Using a self-encrypting drive when auto-lock mode is enabled simply requires securing the drive with an authentication key. When secured in this manner, the drive’s data encryption key is locked whenever the drive is powered down. In other words, the moment the self-encrypting drive is switched off or unplugged, it automatically locks down the drive’s data.

When the self-encrypting drive is then powered back on, it requires authentication before being able to unlock its encryption key and read any data on the drive, thus protecting against misplacement and theft.

While using self-encrypting drives just for the instant secure erase is an extremely efficient and effective means to help securely retire a drive, using self-encrypting drives in auto-lock mode provides even more advantages. From the moment the drive or system is removed from the data center (with or without authorization), the drive is locked. No advance thought or action is required from the data center administrator to protect the data. This helps prevent a breach should the drive be mishandled and helps secure the data against the threat of insider or outside theft.

Features

The 5200 Entry SATA SED SSDs have the following features:

  • Industry standard 2.5-inch form factor
  • Compliant with the FIPS 140-2 Level 2 standard for cryptography modules
  • Supports the SafeStore self-encyrpting drive (SED) functionality of ThinkSystem RAID adapters
  • Innovative 64-layer triple-level cell (TLC) 3D NAND technology
  • Suitable for read-intensive workloads with an endurance of less than 1 full drive write per day (DWPD) for 5 years
  • 6 Gbps SATA host interface
  • High reliability and enhanced ruggedness
  • Absence of moving parts to reduce potential failure points in the server
  • S.M.A.R.T. support
  • Advanced Encrypting Standard (AES) 256-bit encryption
  • Supports Sanitize Cryptographic Erase
  • Full end-to-end data path protection:
    • Extended error correction code (ECC)
    • Exclusive-OR (XOR) parity to protect against Flash die failure
    • Parity-checked internal data paths without an external write cache
    • Power loss data management without the need for a supercapacitor

SSDs have a huge but finite number of program/erase (P/E) cycles, which affect how long they can perform write operations and thus their life expectancy. Mainstream SSDs typically have a better cost per read IOPS ratio but lower endurance and performance compared to Performance SSDs. SSD write endurance is typically measured by the number of program/erase cycles that the drive can incur over its lifetime, which is listed as total bytes written (TBW) in the device specification.

The TBW value that is assigned to a solid-state device is the total bytes of written data that a drive can be guaranteed to complete. Reaching this limit does not cause the drive to immediately fail; the TBW simply denotes the maximum number of writes that can be guaranteed. A solid-state device does not fail upon reaching the specified TBW. However, at some point after surpassing the TBW value (and based on manufacturing variance margins), the drive reaches the end-of-life point, at which time the drive goes into read-only mode. Because of such behavior, careful planning must be done to use SSDs in the application environments to ensure that the TBW of the drive is not exceeded before the required life expectancy.

The 5200 Entry 480 GB drive has an endurance of 870 TB of total bytes written (TBW). This means that for full operation over five years, write workload must be limited to no more than 477 GB of writes per day, which is equivalent to 1.0 full drive writes per day (DWPD). For the device to last three years, the drive write workload must be limited to no more than 795 GB of writes per day, which is equivalent to 1.7 full drive writes per day.

Technical specifications

The following table presents technical specifications for the 5200 Entry SATA SED SSDs.

Tip: Drives listed in this product guide are the Lenovo versions of the Micron 5200 ECO family of SSDs.

Table 2. Technical specifications
Feature 480 GB drive
Interface 6 Gbps SATA
Capacity 480 GB
Endurance (drive writes per day) 1.0 DWPD
Endurance (total bytes written) 870 TB
Data reliability < 1 in 1017 bits read
MTBF 3,000,000 hours
IOPS reads (4 KB blocks) 81,000
IOPS writes (4 KB blocks) 33,000
Sequential read rate (128 KB blocks) 540 MBps
Sequential write rate (128 KB blocks) 385 MBps
Read latency (seq) 200 µs
Write latency (seq) 300 µs
Shock, non-operating 1,500 G (Max) at 0.5 ms
Vibration, non-operating 3.13 GRMS (5-800 Hz)
Typical power (Read / Write) 2.5 / 3.1 W

Server support - ThinkSystem

The following table lists the ThinkSystem servers that are compatible.

Table 3. ThinkSystem server support
Part
number
Description 1S Rack & Tower 2S Rack & Tower 4S Rack Dense/ Blade
ST50 (7Y48/7Y50)
ST250 (7Y45/7Y46)
SR150 (7Y54)
SR250 (7Y51/7Y52)
ST550 (7X09/7X10)
SR530 (7X07/7X08)
SR550 (7X03/7X04)
SR570 (7Y02/7Y03)
SR590 (7X98/7X99)
SR630 (7X01/7X02)
SR650 (7X05/7X06)
SR670 (7Y36/7Y37/7Y38)
SR850 (7X18/7X19)
SR860 (7X69/7X70)
SR950 (7X11/12/13)
SD530 (7X21)
SD650 (7X58)
SN550 (7X16)
SN850 (7X15)
4XB7A13966 ThinkSystem 2.5" 5200 480GB Entry SATA 6Gb Hot Swap SSD SED N N N N N N N N N Y Y N N N N N N N N

Storage controller support

SED drives require a supported SAS controller, either a SAS HBA or a RAID controller with SED support. SED support of RAID adapters is via the MegaRAID SafeStore functionality of the adapter. SED support of the SAS HBAs is by using software on the server (SED commands are passed through the HBA to the drives).

The following table lists which ThinkSystem controllers support the use of SED drives.

Note: Not all servers that support the 5200 Entry SED drives also support all of the adapters supported here. Consult the individual server product guide for specific server support of the adapters.

Table 4. ThinkSystem controller support for SED drives
Part number Feature
code
Description Supports
SED
SED Services
SAS HBA
7Y37A01088 AUNL ThinkSystem 430-8i SAS/SATA 12Gb HBA Yes Host software pass-thru
4C57A16217 B0SS ThinkSystem SD530 430-8i SAS/SATA 12Gb Dense HBA Kit Yes Host software pass-thru
7Y37A01089 AUNM ThinkSystem 430-16i SAS/SATA 12Gb HBA Yes Host software pass-thru
Internal RAID Adapters
None None Intel RSTe onboard controller No support None
7M27A03918 AUYR ThinkSystem RAID 530-4i 2 Drive Adapter Kit for SN550 Yes MegaRAID SafeStore
7M17A03932 AVEC ThinkSystem RAID 530-4i 4 Drive Adapter Kit for SN850 Yes MegaRAID SafeStore
7Y37A01082 AUNG ThinkSystem RAID 530-8i PCIe 12Gb Adapter Yes MegaRAID SafeStore
4C57A16216 AUYK ThinkSystem SD530 HW RAID Kit Yes MegaRAID SafeStore
7Y37A01083 AUNH ThinkSystem RAID 730-8i 1GB Cache PCIe 12Gb Adapter No support None
4Y37A09722 B4RQ ThinkSystem RAID 730-8i 2GB Flash PCIe 12Gb Adapter Yes MegaRAID SafeStore
7M27A03917 AUYS ThinkSystem RAID 930-4i-2GB 2 Drive Adapter Kit for SN550 Yes MegaRAID SafeStore
7M17A03933 AVED ThinkSystem RAID 930-4i-2GB 4 Drive Adapter Kit for SN850 Yes MegaRAID SafeStore
7Y37A01084 AUNJ ThinkSystem RAID 930-8i 2GB Flash PCIe 12Gb Adapter Yes MegaRAID SafeStore
7Y37A01085 AUNK ThinkSystem RAID 930-16i 4GB Flash PCIe 12Gb Adapter Yes MegaRAID SafeStore
4Y37A09721 B31E ThinkSystem RAID 930-16i 8GB Flash PCIe 12Gb Adapter Yes MegaRAID SafeStore
7Y37A01086 AUV1 ThinkSystem RAID 930-24i 4GB Flash PCIe 12Gb Adapter Yes MegaRAID SafeStore
External RAID Adapters
7Y37A01087 AUNQ ThinkSystem RAID 930-8e 4GB Flash PCIe 12Gb Adapter Yes MegaRAID SafeStore

For more information, see the RAID adapter and HBA product guides:

Operating system support

SSDs operate transparently to users, storage systems, applications, databases, and operating systems.

Operating system support is based on the controller used to connect to the drives. Consult the controller propduct guide for more information:

IBM SKLM Key Management support

To effectively manage a large deployment of SEDs in Lenovo servers, IBM Security Key Lifecycle Manager (SKLM) offers a centralized key management solution. Certain Lenovo servers support Features on Demand (FoD) license upgrades that enable SKLM support.

The following table lists the part numbers and feature codes to enable SKLM support in the management processor of the server.

Table 5. FoD upgrades for SKLM support
Part number Feature code Description
Security Key Lifecycle Manager - FoD (United States, Canada, Asia Pacific, and Japan)
00D9998 A5U1 SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/1Yr S&S
00D9999 AS6C SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/3Yr S&S
Security Key Lifecycle Manager - FoD (Latin America, Europe, Middle East, and Africa)
00FP648 A5U1 SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/1Yr S&S
00FP649 AS6C SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/3Yr S&S

The following table lists the ThinkSystem servers that support the SKLM upgrades.

Table 6. ThinkSystem server support
Part
number
Description 1S Rack & Tower 2S Rack & Tower 4S Rack Dense/ Blade
ST50 (7Y48/7Y50)
ST250 (7Y45/7Y46)
SR150 (7Y54)
SR250 (7Y51/7Y52)
ST550 (7X09/7X10)
SR530 (7X07/7X08)
SR550 (7X03/7X04)
SR570 (7Y02/7Y03)
SR590 (7X98/7X99)
SR630 (7X01/7X02)
SR650 (7X05/7X06)
SR670 (7Y36/7Y37/7Y38)
SR850 (7X18/7X19)
SR860 (7X69/7X70)
SR950 (7X11/12/13)
SD530 (7X21)
SD650 (7X58)
SN550 (7X16)
SN850 (7X15)
00D9998 SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/1Yr S&S N N N N Y Y Y Y Y Y Y N Y Y Y N N N N
00D9999 SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/3Yr S&S N N N N Y Y Y Y Y Y Y N Y Y Y N N N N
00FP648 SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/1Yr S&S N N N N Y Y Y Y Y Y Y N Y Y Y N N N N
00FP649 SKLM for System x/ThinkSystem w/SEDs - FoD per Install w/1Yr S&S N N N N Y Y Y Y Y Y Y N Y Y Y N N N N

Warranty

The 5200 Entry SATA SED SSDs carry a one-year, customer-replaceable unit (CRU) limited warranty. When the SSDs are installed in a supported server, these drives assume the system’s base warranty and any warranty upgrades.

Solid State Memory cells have an intrinsic, finite number of program/erase cycles that each cell can incur. As a result, each solid state device has a maximum amount of program/erase cycles to which it can be subjected. The warranty for Lenovo solid state drives (SSDs) is limited to drives that have not reached the maximum guaranteed number of program/erase cycles, as documented in the Official Published Specifications for the SSD product. A drive that reaches this limit may fail to operate according to its Specifications.

Physical specifications

The drives have the following physical specifications (approximate, without the tray):

  • Height: 7 mm (0.3 in.)
  • Width: 70 mm (2.8 in.)
  • Depth: 100 mm (4.0 in.)
  • Weight: 70 g (2.5 oz)

Shipping dimensions and weight - 2.5-inch drives (approximate, including the tray):

  • Height: 63 mm (2.5 in.)
  • Width: 174 mm (6.9 in.)
  • Depth: 133 mm (5.2 in.)
  • Weight: 434 g (1.0 lb)

Operating environment

The SSDs are supported in the following environment:

  • Operating temperature: 0 to 70°C (32 to 158°F)
  • Non-operating temperature: -40 to 85°C (-40 to 185°F)
  • Relative humidity: 5 to 95% (non-condensing)

Agency approvals

The 5200 Entry SATA SED SSDs conform to the following regulations:

  • Micron Green Standard
  • Built with sulfur resistant resistors
  • CE (Europe): EN 55032 Class B, RoHS
  • FCC: CFR Title 47, Part 15 Class B
  • UL: UL-60950-1, 2nd Edition
  • BSMI (Taiwan): approval to CNS 13438
  • RCM (Australia, New Zealand): AS/NZS CISPR32 Class B
  • KCC RRL (Korea): approval to KN 32 Class B, KN 35 Class B
  • W.E.E.E.: Compliance with EU WEEE directive 2002/96/EC.
  • TUV (Germany): approval to IEC60950/EN60950
  • VCCI (Japan): 2015-04 Class B
  • IC (Canada): CISPR32 Class B: Canadian ICES-003:2016

Related product families

Product families related to this document are the following:

Trademarks

Lenovo and the Lenovo logo are trademarks or registered trademarks of Lenovo in the United States, other countries, or both. A current list of Lenovo trademarks is available on the Web at https://www.lenovo.com/us/en/legal/copytrade/.

The following terms are trademarks of Lenovo in the United States, other countries, or both:
Lenovo®
ServeRAID
ServerProven®
System x®
ThinkSystem

The following terms are trademarks of other companies:

Intel® is a trademark or registered trademark of Intel Corporation or its subsidiaries in the United States and other countries.

Other company, product, or service names may be trademarks or service marks of others.