Reading metadata after sync, Recoverpoint configuration restrictions – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual

182

Fabric OS Encryption Administrator’s Guide (DPM)

53-1002922-01

Using SRDF, TimeFinder and RecoverPoint with encryption

3

Be aware that when an individual primary LUN is rekeyed using the

-

include_mirror option, no

warning message is displayed prior to the rekey occurring.

If a rekey is invoked using the

-

include_mirror option, and the LUN is not a mirror LUN or a

read-only primary LUN, the rekey operation acts as usual.

NOTE

cryptocfg

--

manual_rekey

-

all

-

include_mirror rekeys all the primary and mirror LUNs, not just

mirror LUNs and out-of-sync primary LUNs. Enter only cryptocfg

--

manual_rekey

-

all if you want to

rekey only out-of-sync primary LUNs. The

-

include_mirror option is ignored if the command applies

only to a primary LUN.

Reading metadata after sync

The cryptocfg

--

refreshDEK command can be used to perform a read of the metadata and

reprogram the encryption tables with a new encryption key. After a sync from rekeyed primary LUN
to the mirror LUN, performing cryptocfg

--

refreshDEK will obtain the latest encryption keys for the

primary LUN and configure that for encryption and decryption of the mirror LUN.

NOTE

For all multi-path LUN environments, it is critical to ensure that the target port settings (for example,
os2007 bit, or spc-2 bit) for all paths to a given LUN are configured identically.

Using SRDF, TimeFinder and RecoverPoint with encryption

The EMC Symmetrix Remote Data Facility (SRDF), TimeFinder (TF), and RecoverPoint (RP) work
together to provide reliable and efficient data recovery from a remote data facility:

•

SRDF transmits data that is being written to a local Symmetrix array to a remote Symmetrix
array. The replicated data facilitates a fast switchover to the remote site for data recovery.

•

TF provides local storage replication for increased application availability and faster data
recovery.

•

RP facilitates continuous data protection and continuous remote replication to enable
on-demand protection and point in time data recovery.

RecoverPoint Configuration Restrictions

The Brocade encryption solution only supports Clariion-based splitting operations. The Clariion
arrays at both the source and target sites must be configured so that the RP appliances have
dedicated cleartext target ports for access to the storage arrays. That is, every storage array target
port utilized by a RP appliance for access to the Clariion array must not be configured as a
CryptoTarget container.