Lenovo ThinkSystem PM1733 Entry NVMe PCIe 4.0 x4 SED SSDs User Guide

LENOVO PRESS
User Guide

ThinkSystem PM1733 Entry NVMe PCIe 4.0 x4 SED SSDs

Product Guide
The ThinkSystem PM1733 Entry NVMe PCIe solid-state drives (SSDs) are high- performance self-encrypting drives (SEDs) that adhere to the Trusted Computing Group Opal Security Subsystem Class cryptographic standard (TCG Opal SSC). They are available in 3.84TB and 7.68TB capacities and are general-purpose yet high-performance NVMe PCIe SSDs.

Figure 1. ThinkSystem PM1733 Entry NVMe PCIe 4.0 x4 SED SSD
Did you know?
The PM1733 family of SSDs is the first PCIe 4.0 SSDs in the ThinkSystem portfolio. By having a Gen 4 host interface, sequential performance is doubled. The NVMe host interface also maximizes flash storage performance and minimizes latency. The PM1733 drives offer 40% and 60% improvements in latency over SAS and SATA SSDs respectively.
Self-encrypting drives (SEDs) provide benefits by encrypting data on the fly at the drive level with no performance impact, by providing instant secure erasure thereby making the data no longer readable, and by enabling auto- locking to secure active data if a drive is misplaced or stolen from a system while in use. These features are essential for many businesses, especially those storing customer data.

Click here to check for updates

Part number information
The following table lists the part numbers and feature codes for ThinkSystem servers.

Table 1. Ordering information

Swap SSD SED
4XB7A38258| BE2B| ThinkSystem U.2 PM1733 7.68TB Entry NVMe PCIe 4.0 x4 Hot Swap SSD SED

The part numbers include the following items:

• One solid-state drive
• Documentation flyer

The benefits of drive encryption
Self-encrypting drives (SEDs) provide benefits in three main ways:

• Encrypting data on the fly at the drive level with no performance impact
• By providing instant secure erasure (cryptographic erasure, thereby making the data no longer readable)
• By enabling auto-locking to secure active data if a drive is misplaced or stolen from a system while in use

The following sections describe the benefits in more detail.
Automatic encryption
It is vital that a company keep its data secure. With the threat of data loss due to physical theft or improper inventory practices, it is important that the data be encrypted. However, challenges with performance, scalability, and complexity have led IT departments to push back against security policies that require the use of encryption. In addition, encryption has been viewed as risky by those unfamiliar with key management, a process for ensuring a company can always decrypt its own data. Self-encrypting drives comprehensively resolve these issues, making encryption both easy and affordable.
When the self-encrypting drive is in normal use, its owner need not maintain authentication keys (otherwise known as credentials or passwords) in order to access the data on the drive. The self-encrypting drive will encrypt data being written to the drive and decrypt data being read from it, all without requiring an authentication key from the owner.
Drive retirement and disposal
When hard drives are retired and moved outside the physically protected data center into the hands of others, the data on those drives are put at significant risk. IT departments retire drives for a variety of reasons, including:

• Returning drives for warranty, repair, or expired lease agreements
• Removal and disposal of drives
• Repurposing drives for other storage duties

Nearly all drives eventually leave the data center and their owner’s control. Corporate data resides on such drives, and when most leave the data center, the data they contain is still readable. Even data that has been striped across many drives in a RAID array is vulnerable to data theft because just a typical single stripe in today’s high-capacity arrays is large enough to expose, for example, hundreds of names and bank account numbers.
In an effort to avoid data breaches and the ensuing customer notifications required by data privacy laws, companies use different methods to erase the data on retired drives before they leave the premises and potentially fall into the wrong hands. Current retirement practices that are designed to make data unreadable rely on significant human involvement in the process, and are thus subject to both technical and human failure.
The drawbacks of today’s drive retirement practices include the following:

• Overwriting drive data is expensive, tying up valuable system resources for days. No notification of completion is generated by the drive, and overwriting won’t cover reallocated sectors, leaving that data exposed.
• Methods that include degaussing or physically shredding a drive are expensive. It is difficult to ensure the degauss strength is optimized for the drive type, potentially leaving readable data on the drive. Physically shredding the drive is environmentally hazardous, and neither practice allows the drive to be returned for warranty or an expired lease.
• Some companies have concluded the only way to securely retire drives is to keep them in their control, storing them indefinitely in warehouses. But this is not truly secure because a large volume of drives coupled with human involvement inevitably leads to some drives being lost or stolen.
• Professional disposal services are an expensive option and include the cost of reconciling the services as well as internal reports and auditing. Transporting the drives also has the potential of putting the data at risk.

Self-encrypting drives eliminate the need to overwrite, destroy, or store retired drives. When the drive is to be retired, it can be cryptographically erased, a process that is nearly instantaneous regardless of the capacity of the drive.
Instant secure erase
The self-encrypting drive provides instant data encryption key destruction via cryptographic erasure. When it is time to retire or repurpose the drive, the owner sends a command to the drive to perform a cryptographic erasure. Cryptographic erasure simply replaces the encryption key inside the encrypted drive, making it impossible to ever decrypt the data encrypted with the deleted key.
Self-encrypting drives reduce IT operating expenses by reducing asset control challenges and disposal costs. Data security with self-encrypting drives helps ensure compliance with privacy regulations without hindering IT efficiency. So-called “Safe Harbor” clauses in government regulations allow companies to not have to notify customers of occurrences of data theft if that data was encrypted and therefore unreadable.
Furthermore, self-encrypting drives simplify decommissioning and preserve hardware value for returns and repurposing by:

• Eliminating the need to overwrite or destroy the drive
• Securing warranty returns and expired lease returns
• Enabling drives to be repurposed securely

Auto-locking
Insider theft or misplacement is a growing concern for businesses of all sizes; in addition, managers of branch offices and small businesses without strong physical security face greater vulnerability to external theft. Self- encrypting drives include a feature called auto-lock mode to help secure active data against theft.
Using a self-encrypting drive when auto-lock mode is enabled simply requires securing the drive with an authentication key. When secured in this manner, the drive’s data encryption key is locked whenever the drive is powered down. In other words, the moment the self-encrypting drive is switched off or unplugged, it automatically locks down the drive’s data.
When the self-encrypting drive is then powered back on, it requires authentication before being able to unlock its encryption key and read any data on the drive, thus protecting against misplacement and theft.
While using self-encrypting drives just for the instant secure erase is an extremely efficient and effective means to help securely retire a drive, using self-encrypting drives in auto-lock mode provides even more advantages. From the moment the drive or system is removed from the data center (with or without authorization), the drive is locked. No advance thought or action is required from the data center administrator to protect the data. This helps prevent a breach should the drive be mishandled and helps secure the data against the threat of insider or outside theft.

Features

Non-Volatile Memory Express (NVMe) is PCIe high-performance SSD technology that provides high I/O throughput and low latency. NVMe interfaces remove SAS/SATA bottlenecks and unleash all of the capabilities of contemporary NAND flash memory. Each NVMe PCI SSD has a direct PCIe x4 connection, which provides significantly greater bandwidth and lower latency than SATA/SAS-based SSD solutions. NVMe drives are also optimized for heavy multi-threaded workloads by using internal parallelism and many other improvements, such as enlarged I/O queues.
The PM1733 Entry NVMe PCIe SED SSD has the following features:

• Direct PCIe 4.0 x4 connection for each NVMe drive, resulting in up to 7 Gbps overall throughput.
• Also supports PCIe 3.0 host connection for servers with first and second-generation Intel Xeon Scalable processors or with PCIe 3.0 NVMe switch adapters
• Compliant with Trusted Computing Group Opal 2.0 Security Subsystem Class cryptographic standard (TCG Opal 2.0 SSC)
• Low-cost, read-intensive SSD from Samsung using TLC flash technology
• Advanced ECC Engine and End-to-End Data Protection
• Samsung’s SSD virtualization technology allows a single SSD to be subdivided into smaller SSDs, up to 64, providing independent virtual workspaces. It also enables SSDs to take on certain tasks typically carried out by the server CPUs, such as Single-Root I/O Virtualization (SR-IOV), requiring fewer server CPUs and SSDs.
• V-NAND Machine Learning enables the SSD to accurately predict and verify cell characteristics, as well as detect any variations in circuit patterns.
• Fail-In-Place technology ensures the SSD operates normally even when errors occur at the chip level. It allows the PM1733 to identify failing NAND cells, and actually recover and then relocate the data without interrupting normal operations or impacting performance.
• Protect data integrity from unexpected power loss with Samsung’s advanced power-loss protection architecture
• Supports Self-Monitoring, Analysis, and Reporting Technology (S.M.A.R.T).

Entry SSDs and Performance SSDs have similar read IOPS performance, but the key difference between them is their endurance — how long they can reliably perform write operations. Entry SSDs have a better cost/IOPS ratio but lower endurance compared to Performance SSDs. SSD write endurance is typically measured by the number of program/erase (P/E) write cycles that the drive incurs over its lifetime, listed as the total bytes of written data (TBW) in the device specification.
The TBW value assigned to a solid-state device is the total bytes of written data (based on the number of P/E cycles) that a drive can be guaranteed to complete (% of remaining P/E cycles = % of remaining TBW). Reaching this limit does not cause the drive to immediately fail. It simply denotes the maximum number of writes that can be guaranteed. A solid-state device will not fail upon reaching the specified TBW. At some point based on the manufacturing variance margin, after surpassing the TBW value, the drive will reach the end- of-life point, at which the drive will go into a read-only mode.
Because of such behavior by Entry solid-state drives, careful planning must be done to use them only in read-intensive or mixed up to 70% read/30% write environments to ensure that the TBW of the drive will not be exceeded before the required life expectancy.
For example, the PM1733 1.92 TB drive has an endurance of 3,504 TB of total bytes written (TBW). This means that for full operation over five years, the write workload must be limited to no more than 1,920 GB of writes per day, which is equivalent to 1.0 full drive writes per day (DWPD). For the device to last three years, the drive writes workload must be limited to no more than 3,200 GB of writes per day, which is equivalent to 1.7 full drive writes per day.

Technical specifications

The following tables present the technical specifications for the PM1733 Entry NVMe PCIe SED SSDs. Note that the performance data and power consumption are based on whether the drives are connected to a PCIe 4.0 host interface or a PCIe 3.0 host interface.

Table 2. Technical specifications

Performance & Power – PCIe 4.0 host interface
IOPS read (4 KB blocks)| 1,500,000| 1,450,000
IOPS writes (4 KB blocks)| 135,000| 135,000
Sequential read rate (128 KB blocks)| 7000 MBps| 7000 MBps
Sequential write rate (128 KB blocks)| 3500 MBps| 3500 MBps
Latency (random R/W)| 100 µs / 25 µs| 100 µs / 25 µs
Latency (sequential R/W)| 220 µs / 80 µs| 220 µs / 80 µs
Typical power (R/W)| 20 W / 20 W| 20 W / 20 W
Performance & Power – PCIe 3.0 host interface
IOPS read (4 KB blocks)| 800,000| 800,000
IOPS writes (4 KB blocks)| 135,000| 135,000
Sequential read rate (128 KB blocks)| 3400 MBps| 3400 MBps
Sequential write rate (128 KB blocks)| 3200 MBps| 3200 MBps
Latency (random R/W)| 100 µs / 25 µs| 100 µs / 25 µs
Latency (sequential R/W)| 250 µs / 100 µs| 250 µs / 100 µs
Typical power (R/W)| 15 W / 20 W| 15 W / 20 W

• Backwards compatible with a PCIe 3.0 x4 host interface

Server support
The following tables list the ThinkSystem servers that are compatible.
Table 3. Server support (Part 1 of 2)

Table 4. Server support (Part 2 of 2)

Storage controller support

NVMe PCIe SSDs require an NVMe drive backplane and some form of PCIe connection to processors. PCIe connections can take the form of either an adapter (PCIe  Interposer or PCIe extender) or simply a cable that connects to an onboard NVMe connector.
Consult the relevant server product guide for details about the required components for NVMe drive support.

Operating system support

The following table lists the supported operating systems.
Tip: This table is automatically generated based on data from Lenovo ServerProven.
Table 5. Operating system support for ThinkSystem U.2 PM1733 3.84TB Entry NVMe PCIe 4.0 x4 Hot Swap SSD SED, 4XB7A38257

1. RHEL7.6 Not support with EPYC 7003 processors
2. RHEL7.7 Not support with EPYC 7003 processors
3. RHEL7.8 does Not support EPYC 7003 processors
4. RHEL7.9 Not support with EPYC 7003 processors
5. RHEL8.1 Not support with EPYC 7003 processors
6. RHEL8.2 Not support with EPYC 7003 processors
7. SLES15 SP1 does Not support EPYC 7003 processors
8. SLES15 SP1 Xen does Not support EPYC 7003 processors
9. RHEL7.6 Not supported EPYC 7003 processors.

IBM SKLM Key Management support
To effectively manage a large deployment of SEDs in Lenovo servers, the IBM Security Key Lifecycle Manager (SKLM) offers a centralized key management solution. Certain Lenovo servers support Features on Demand (FoD) license upgrades that enable SKLM support.
The following table lists the part numbers and feature codes to enable SKLM support in the management processor of the server.
Table 6. FoD upgrades for SKLM support

Security Key Lifecycle Manager – FoD (United States, Canada, Asia Pacific, and Japan)
00D9998| A5U1| SKLM for System x/ThinkSystem w/SEDs – FoD per Install w/1Yr S&S
00D9999| AS6C| SKLM for System x/ThinkSystem w/SEDs – FoD per Install w/3Yr S&S
Security Key Lifecycle Manager – FoD (Latin America, Europe, Middle East, and Africa)
00FP648| A5U1| SKLM for System x/ThinkSystem w/SEDs – FoD per Install w/1Yr S&S
00FP649| AS6C| SKLM for System x/ThinkSystem w/SEDs – FoD per Install w/3Yr S&S

The IBM Security Key Lifecycle Manager software is available from Lenovo using the ordering information
listed in the following table.
Table 7. IBM Security Key Lifecycle Manager licenses

SW Subscription & Support 12 Months
7S0A007HWW| IBM Security Key Lifecycle Manager For Raw Decimal Terabyte Storage Resource Value Unit License + SW Subscription & Support 12 Months
7S0A007KWW| IBM Security Key Lifecycle Manager For Raw Decimal Petabyte Storage Resource Value Unit License + SW Subscription & Support 12 Months
7S0A007MWW| IBM Security Key Lifecycle Manager For Usable Decimal Terabyte Storage Resource Value Unit License + SW Subscription & Support 12 Months
7S0A007PWW| IBM Security Key Lifecycle Manager For Usable Decimal Petabyte Storage Resource Value Unit License + SW Subscription & Support 12 Months

The following tables list the ThinkSystem servers that are compatible.
Table 8. IBM SKLM Key Management support (Part 1 of 2)

Table 9. IBM SKLM Key Management support (Part 2 of 2)

Warranty

The PM1733 SSDs carry a one-year, customer-replaceable unit (CRU) limited warranty. When the SSDs are installed in a supported server, these drives assume the server’s base warranty and any warranty upgrades.
Solid-state State Memory cells have an intrinsic, finite number of program/erase cycles that each cell can incur.
As a result, each solid-state device has a maximum amount of program/erase cycles to which it can be subjected. The warranty for Lenovo solid state drives (SSDs) is limited to drives that have not reached the maximum guaranteed number of program/erase cycles, as documented in the Official Published Specifications for the SSD product. A drive that reaches this limit may fail to operate according to its Specifications.

Physical specifications

The PM1733 Entry NVMe PCIe SSDs have the following physical specifications:
Dimensions and weight (approximate, without the drive tray):

• Height: 15 mm (0.6 in.)
• Width: 70 mm (2.8 in.)
• Depth: 100 mm (4.0 in.)
• Weight: 190 g (6.7 oz)

Operating environment

The PM1733 Entry NVMe PCIe SSDs are supported in the following environment:

• Temperature (operating): 0 to 70 °C (32 to 158 °F)
• Temperature (non-operating): -40 to 85 °C (-40 to 185 °F)
• Relative humidity (non-operating): 5 to 95% (noncondensing)
• Maximum altitude: 3,050 m (10,000 ft)
• Shock, Operating: 1,500 G (Max) at 0.5 ms
• Vibration: 20 G PEAK (10-2000 Hz) at 15 mins per axis

Agency approvals
The PM1733 Entry NVMe PCIe SSDs conform to the following regulations:

• UL
• TUV
• FCC
• CE Mark
• C-Tick Mark
• BSMI (Taiwan)
• KCC (Korea EMI)

Related publications and links
For more information, see the following documents:
Lenovo ThinkSystem SSD Portfolio Comparison
https://lenovopress.com/lp1261-lenovo-thinksystem-ssd-portfolio
Lenovo ThinkSystem storage options product web page
https://lenovopress.com/lp0761-storage-options-for-thinksystem-servers
Samsung product page for Enterprise SSDs
https://www.samsung.com/semiconductor/ssd/enterprise-ssd/

Related product families
Product families related to this document are the following:

• Drives

Notices
Lenovo may not offer the products, services, or features discussed in this document in all countries. Consult your local Lenovo representative for information on the products and services currently available in your area. Any reference to a Lenovo product, program, or service is not intended to state or imply that only the Lenovo product, program,  or service may be used. Any functionally equivalent product, program, or service that does not infringe any Lenovo intellectual property right may be used instead. However, it is the user’s responsibility to evaluate and verify the operation of any other product, program, or service. Lenovo may have patents or pending patent applications covering the subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:
Lenovo (United States), Inc.
8001 Development Drive
Morrisville, NC 27560
U.S.A.
Attention: Lenovo Director of Licensing

LENOVO PROVIDES THIS PUBLICATION ”AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT  LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimers of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication.  Lenovo may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
The products described in this document are not intended for use in implantation or other life support applications where malfunction may result in injury or death to persons.  The information contained in this document does not affect or change Lenovo product specifications or warranties. Nothing in this document shall operate as an express or implied license or indemnity under the intellectual property rights of Lenovo or third parties. All information contained in this document was obtained in specific environments and is presented as an illustration. The result obtained in other operating environments may vary. Lenovo may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Any references in this publication to non-Lenovo Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this Lenovo product, and use of those Web sites is at your own risk. Any performance data contained herein was determined in a controlled environment. Therefore, the result obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.

© Copyright Lenovo 2022. All rights reserved.

This document, LP1357, was created or updated on March 7, 2021.
Send us your comments in one of the following ways:

• Use the online Contact us review form found at: https://lenovopress.lenovo.com/LP1357
• Send your comments in an e-mail to: comments@lenovopress.com

This document is available online at https://lenovopress.lenovo.com/LP1357.

Trademarks

Lenovo and the Lenovo logo are trademarks or registered trademarks of Lenovo in the United States, other countries, or both. A current list of Lenovo trademarks is available on the Web at https://www.lenovo.com/us/en/legal/copytrade/.
The following terms are trademarks of Lenovo in the United States, other countries, or both:
Lenovo®
ServerProven®
System x®
ThinkSystem®
The following terms are trademarks of other companies:
Intel® and Xeon® are trademarks of Intel Corporation or its subsidiaries.
Linux® is the trademark of Linus Torvalds in the U.S. and other countries.
Microsoft®, Windows Server®, and Windows® are trademarks of Microsoft Corporation in the United States, other countries, or both.
Other company, product, or service names may be trademarks or service marks of others.

References

• Storage Options for ThinkSystem Servers > Lenovo Press
• Lenovo ThinkSystem SSD Portfolio > Lenovo Press
• ThinkSystem PM1733 Entry NVMe PCIe 4.0 x4 SED SSDs Product Guide > Lenovo Press
• Drives > Lenovo Press
• Copyright and Trademark Information | Lenovo US | Lenovo US
• Welcome | ServerProven
• Enterprise SSD | SSD | Samsung Semiconductor Global

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>