Sanitizing a Roving Edge Device

Some Roving Edge devices provide a sanitization feature that enables you to permanently and securely erase all data from the device in a way that the data can't be recovered. If your device has the sanitization feature, you must sanitize the device before you return the device to Oracle.

When deployed as an OCI Edge Cloud Platform, the Roving Edge device is configured with a virtual ZFS Storage Appliance. It provides system level storage for the controller software, configurations, services, backups, and so on. It also contains the storage resources for compute instances: boot and block volumes, file systems, and any clones or backups created from those.

When sanitizing a device, you must destroy the virtual storage appliance first. This operation cannot be reversed, and makes the installation unusable. Do not interrupt the destruction process or reboot the device. Next, you select one of the following wipe options:

  • Simple Wipe: File storage is erased. This wipe takes less time than a deep wipe, and is suitable for situations where a deep wipe isn't needed, for example, if time is more important than the data on the device, or if you don't have any user data on the device.

  • Deep Wipe: All user data on file storage is erased. Depending on the amount of data on the device, a deep wipe might run for 10 to 20 hours. Select the deep wipe option when you want to completely remove all user data from the device.

When the entire sanitization procedure is completed, the following actions happen:

  • All user data is wiped clean on the device.

  • The device is returned to an unprovisioned state (the same state in which the device was shipped to you).

  • Billing stops for this device.

  • You're presented with a sanitization certificate.

Prerequisites

The device must have connectivity to the device's OCI home region during the entire procedure.

Important

Ensure you have synced all your needed data to Oracle Cloud Infrastructure using Data Sync before deleting it from your devices. See Creating a Data Sync Task Definition.

  1. Access the serial console as described in Operating the Serial Console.

  2. In the serial console, select Advanced Menu, then select Sanitize Device Management.

    The Sanitize Device Management menu is displayed:

                  Sanitize Device Management
       ------------------------------------------------
    1) Download Artifacts from OCI for Sanitization
    2) Destroy Storage Appliance before Sanitize Device
    3) Sanitize Device with Simple Wipe
    4) Sanitize Device with Deep Wipe
    5) Help

  3. Select Download Artifacts from OCI for Sanitization.

    Files that are required for sanitization are downloaded from OCI to the device.

  4. Select Destroy Storage Appliance before Sanitize Device.

    Follow the instructions in the terminal window. When the storage appliance is destroyed, wait for the device to reboot.

    To proceed with the destruction process, enter "destroy":
    Enter: destroy
    Confirm by entering the device passphrase: ***************
    Destroy Storage Appliance success ...
    Device will reboot in 10 secs ...

  5. Navigate to the Sanitize Device Management menu again. Select one of the following sanitization programs:

    • Sanitize Device with Simple Wipe

    • Sanitize Device with Deep Wipe

    Follow the instructions in the terminal window.

    To proceed with the sanitization process, enter "sanitize":
    Enter: sanitize
    Confirm by entering the device passphrase: ***************
    Simple Wipe succeeded ...
    Start installing sanitization agent ...
    Device will reboot in 10 secs ...

    After the sanitization completes, user data is wiped, and the device reboots into a minimal OS and displays a new Sanitization Main Menu.

    1) Configure Networking
    2) Advanced Operations
    3) Device Sanitization

  6. Select Device Sanitization.

    The following menu options are displayed:

    1) Wipe Roving Edge Image
    2) Complete Sanitization

  7. Select Wipe Roving Edge Image.

    Data on the boot drive is erased.

  8. Select Complete Sanitization.

    The following actions happen:

    • The device is returned to an unprovisioned state (the same state in which the device was shipped to you).

    • A sanitization certificate is displayed.

      ==== CERTIFICATE OF SANITIZATION ====
      Media Information
      Make/Vendor: Oracle Roving Edge Device
      Node Name: my-red-01
      Node Region: us-ashburn-1
      Node Ocid: ocid1.rovernodepre.oc1....uniqueID
      Node Shape: RED.2.56
      Node Serial Number: VM1234-B-5678-1.1-98765
      Data Backed up: YES
      
      Sanitization Information
      Method Type: Clear & Purge
      Method Used: Block & Crypto Erase
      Method Details: Boot drives and Data drives using Block & Crypto Erase
      Tool Used: Oracle Rover Wiping Tool
      Verification Method: Quick Sampling
      
      Media Destination: Manufacturer
      Signature: afd44718115b56b42d8d3cd87deae6d6d2d490fecf2c23df3a0d9a540a7d6d2d
      
      Enter "shutdown", without the quotes, to power off the device:

  9. Take a screenshot of the sanitization certificate and save it for your records.

  10. As instructed in the console output, enter "shutdown" (without quotes) at the prompt to power off the device.

  11. If you intend to start self-provisioning again, power the device back on.

    When the boot sequence is complete, the first boot menu appears.

    Roving Edge Basic Configuration Interface (ver. 2.0.58)
    Number selects a menu item, Enter accepts the selection, Ctrl+Z refreshes the
    menu, Ctrl+C returns to main menu, Backspace deletes a character.
    
    1) Select Platform
    2) Advanced Operations
    
    Select option (1-2):
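
For the record-keeping in step 9, the certificate text can also be captured from a serial-console log and turned into a structured disposal record that is checked against your asset inventory. The following Python is an added example, not Oracle's code: the function names and the required-field list are assumptions, the sample text is copied from the certificate shown above, and the signature is stored as-is because this page does not describe how it is computed.

```python
# Sample input: the certificate text shown in step 8 of this page,
# as it would appear in a saved serial-console log.
SAMPLE_CERT = """\
==== CERTIFICATE OF SANITIZATION ====
Media Information
Make/Vendor: Oracle Roving Edge Device
Node Name: my-red-01
Node Region: us-ashburn-1
Node Ocid: ocid1.rovernodepre.oc1....uniqueID
Node Shape: RED.2.56
Node Serial Number: VM1234-B-5678-1.1-98765
Data Backed up: YES

Sanitization Information
Method Type: Clear & Purge
Method Used: Block & Crypto Erase
Method Details: Boot drives and Data drives using Block & Crypto Erase
Tool Used: Oracle Rover Wiping Tool
Verification Method: Quick Sampling

Media Destination: Manufacturer
Signature: afd44718115b56b42d8d3cd87deae6d6d2d490fecf2c23df3a0d9a540a7d6d2d
"""

# Fields a disposal record must carry (assumption: local policy, not an Oracle rule).
REQUIRED = ("Node Name", "Node Ocid", "Node Serial Number", "Method Type",
            "Method Used", "Verification Method", "Media Destination", "Signature")

def parse_certificate(text):
    """Return {field: value} for 'Key: value' lines after the certificate banner."""
    _, found, body = text.partition("CERTIFICATE OF SANITIZATION")
    if not found:
        raise ValueError("certificate banner not found")
    fields = {}
    for line in body.splitlines():
        key, sep, value = line.strip().partition(":")
        if sep and value.strip():  # skips section titles and the shutdown prompt
            fields[key.strip()] = value.strip()
    return fields

def check_certificate(fields, expected_serial):
    """Return a list of problems; an empty list means the record can be filed."""
    # The signature is only recorded; its scheme is not documented on this page.
    problems = [f"missing field: {k}" for k in REQUIRED if k not in fields]
    if fields.get("Node Serial Number") != expected_serial:
        problems.append("serial number does not match asset record")
    if fields.get("Data Backed up", "").upper() != "YES":
        problems.append("certificate does not report data as backed up")
    return problems
```

Call `check_certificate(parse_certificate(log_text), serial_from_inventory)` before filing the record; a truncated capture shows up as missing fields rather than as a silently incomplete certificate.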