Back in May SanDisk announced the X300s, which is the company's first SED (Self-Encrypting Drive). The X300s is based on the same Marvell platform as SanDisk's client drives but with the differentiation that the X300s is the only drive that supports encryption via TCG Opal and IEEE-1667 (eDrive) standards. Due to the encryption support the X300s is positioned as a business product since the main markets for encrypted drives are corporations and governments, which handle sensitive and confidential data on a daily basis.

In our Intel SSD 2500 Pro review I talked about the cost of a lost corporate laptop in more detail, but in short a lost unencrypted corporate laptop costs an average of $50,000 to the company through the loss of IP and data breaches. (Obviously not every lost laptop will cost that much -- some might not cost anything more than the hardware, but others could be far more valuable.) Encryption is the easiest way to minimize the loss because without access to the data in the laptop, the only loss is the physical laptop and the possible work hours as a result, but frankly that cost is only in the order of a couple of thousand dollars, whereas the loss of IP could result in millions of dollars in damage.

To provide the ease of encryption to everyone, SanDisk is including a license for Wave's EMBASSY Security Center with every X300s. While Windows 8 provides native support for hardware encryption through eDrive, most corporations are still using Windows 7 and that only provides software based BitLocker encryption. Moreover, eDrive has a rather strict set of hardware and software requirements, which can be a dealbreaker if dealing with older hardware with no UEFI and/or TPM support. In addition to Wave, the X300s has been certified by McAfee, WinMagic, Check Point, Softex, and Absolute for Opal encryption in case you or your company already has security software.

SanDisk X300s Specifications
Capacity 64GB 128GB 256GB 512GB 1TB
Form Factor 2.5" 7mm & M.2 2280
Controller Marvell 88SS9188 Marvell 88SS9187
NAND SanDisk 2nd Gen 64Gbit 19nm MLC
Sequential Read 510MB/s 510MB/s 520MB/s 520MB/s 520MB/s
Sequential Write 140MB/s 300MB/s 460MB/s 460MB/s 480MB/s
4KB Random Read 71K IOPS 85K IOPS 90K IOPS 92K IOPS 94K IOPS
4KB Random Write 37K IOPS 66K IOPS 80K IOPS 80K IOPS 82K IOPS
Idle Power (Slumber/DEVSLP) 90mW / 5.0mW 90mW / 5.0mW 90mW / 5.0mW 90mW / 6.0mW 95mW / 6.0mW
Max Power (Read/Write) 2.9W /
2.6W
2.9W /
3.6W
3.0W /
4.9W
3.1W /
5.0W
3.1W / 5.0W
Endurance 40TB (21GB/day for 5 years) 80TB (43GB/day for 5 years)
Encryption TCG Opal 2.0 & IEEE-1667

The X300s is available in both 2.5" and M.2 2280 form factors. The 2.5" version comes in up to 1TB capacity and uses two different controllers depending on the capacity. 256GB and lower use the 4-channel Marvell 9188 (codename Monet Lite), whereas the 512GB and 1TB models use the full 8-channel Marvell 9187 controller (whose codename is surprisingly just Monet). The M.2 2280 is limited to 512GB due to form factor limitations and uses the Monet Lite controller for all capacities.

The PCB in the X300s is single-sided and features a total of eight NAND packages. It is quite impossible to see the markings on the chips from this angle due to the residue from the thermals pads, so here is a closer shot of the NAND with light coming from a better angle.

Unfortunately SanDisk's part numbers do not tell much and there is no public part number decoder available, but SanDisk told me that the X300s uses 64Gbit 1Ynm (i.e. second generation 19nm) parts, meaning that our 512GB sample features eight octal-die NAND packages.

Test Systems

For AnandTech Storage Benches, performance consistency, random and sequential performance, performance vs transfer size and load power consumption we use the following system:

CPU Intel Core i5-2500K running at 3.3GHz (Turbo & EIST enabled)
Motherboard AsRock Z68 Pro3
Chipset Intel Z68
Chipset Drivers Intel 9.1.1.1015 + Intel RST 10.2
Memory G.Skill RipjawsX DDR3-1600 4 x 8GB (9-9-9-24)
Video Card Palit GeForce GTX 770 JetStream 2GB GDDR5 (1150MHz core clock; 3505MHz GDDR5 effective)
Video Drivers NVIDIA GeForce 332.21 WHQL
Desktop Resolution 1920 x 1080
OS Windows 7 x64

Thanks to G.Skill for the RipjawsX 32GB DDR3 DRAM kit

For Wave EMBASSY Security Center and slumber power testing we used a different system:

CPU Intel Core i7-4770K running at 3.3GHz (Turbo & EIST enabled, C-states disabled)
Motherboard ASUS Z87 Deluxe (BIOS 1707)
Chipset Intel Z87
Chipset Drivers Intel 9.4.0.1026 + Intel RST 12.9
Memory Corsair Vengeance DDR3-1866 2x8GB (9-10-9-27 2T)
Graphics Intel HD Graphics 4600
Graphics Drivers 15.33.8.64.3345
Desktop Resolution 1920 x 1080
OS Windows 7 x64
How SEDs Work and Testing Wave's EMBASSY Security Center
POST A COMMENT

34 Comments

View All Comments

  • hojnikb - Friday, August 22, 2014 - link

    *at a cost of capacity :) :) Reply
  • Kristian Vättö - Friday, August 22, 2014 - link

    Yeah, fundamentally SLC, MLC and TLC are the same. Of course there are some silicon level optimizations to better fit the characteristics of each technology but the underlaying physics are the same.

    I'm thinking that pseudo-SLC is effectively just combining the voltage states of MLC/TLC. I.e. output of 11 or 10 from the NAND would read as 1, which allows for higher endurance since it doesn't matter if the actual voltage state switches from 11 to 10 due to the oxide wear out.
    Reply
  • Spoony - Friday, August 22, 2014 - link

    I believe you'd lose half the capacity on your drive. The MLC drives store two bits per cell, so they would store a 1 and a 0 for example. If you now are only allowing it to store a 1, then you've halved the capacity of the cell. Across the entire drive, this would thus halve the total drive capacity.

    As far as performance (read/write speed) I think this would be affected less. SSDs rely on parallelism to extract performance from NAND. The array is just as parallel as before. There might be an impact to performance having to do with extracting less information from each cell, how much this would be I'm not sure.

    I think the changes to firmware would have to be much more substantial than just re-programming how many bits per cell are stored. There is most likely a lot of interesting logic around voltage handling at very small scales. Perhaps even looking at how voltages from neighbouring cells influence each other. I'm not sure how serious this firmware gets regarding physics, but it must have to do some sort of compensation because the drives seem pretty reliable.
    Reply
  • hojnikb - Friday, August 22, 2014 - link

    Yeah, ive "edited" the post to reflect the loss of capacity. Obviously capacity drops, but its still waay cheaper than real SLC solutions.

    I bet write speeds would actually go up (since this is the exact reason why samsung and sandisk are doing pSLC) but read would stay unaffected (since this is controller/interface limited anyway).
    Reply
  • BillyONeal - Thursday, August 21, 2014 - link


    eDrive is not really designed for big corporate operations as it lacks the tools for remote management

    Erm, what is MBAM for then? http://technet.microsoft.com/en-us/library/hh82607... My work PC has remotely managed BitLocker.
    Reply
  • Zink - Thursday, August 21, 2014 - link

    MBAM is "Malwarebytes Anti-Malware" malware removal tool Reply
  • BillyONeal - Thursday, August 21, 2014 - link

    @Zink: It is also "Microsoft Bitlocker Administration and Management" Reply
  • Kristian Vättö - Thursday, August 21, 2014 - link

    Looks like I should have done my research better. Thanks for the heads up, I've edited the review to remove the incorrect reference. Reply
  • thecoolnessrune - Thursday, August 21, 2014 - link

    Yep, I the company I work with also has all of our drives encrypted with Bitlocker. It's managed by MBAM and integrated right into the rest of Active Directory Management. Really simple for the Domain Administrators (and relevant IT HelpDesk personnel) to use and manage.

    eDrive can fit in the Enterprise environment quite well.
    Reply
  • cbf - Thursday, August 21, 2014 - link

    Yup. As the other commenters indicate, the only thing we care about in the Enterprise is BitLocker. Hell, even if it was my personal drive, I'd probably only use BitLocker. I just trust it more than the third party solutions.

    So why don't you review this drive's encryption features using BitLocker. Anand showed how to do this last April: http://www.anandtech.com/show/6891/hardware-accele...
    Reply

Log in

Don't have an account? Sign up now