Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 52

Advertising
background image

32

Fabric OS Encryption Administrator’s Guide (DPM)

53-1002922-01

Steps for connecting to a DPM appliance

2

Uploading the CA certificate onto the DPM appliance (and first-time
configurations)

After an encryption group is created, you need to install the signing authority certificate (CA
certificate) onto the DPM appliance.

1. Open a web browser and connect to the DPM appliance setup page. You will need the URL and

have the proper authority level, user name, and password.

2. Select the Operations tab.

3. Select Certificate Upload.

4. In the SSLCAcertificateFile field, enter the full local path of the CA certificate. Do not use the

UNC naming convention format.

5. Select Upload, Configure SSL, and Restart Webserver.

6. After the web server restarts, enter the root password.

7. Open another web browser window, and start the RSA management user interface.

You will need the URL, and have the proper authority level, user name, and password.

NOTE

The Identity Group name used in the next step might not exist in a freshly installed DPM. To
establish an Identity Group name, click the Identity Group tab, and create a name. The name
Hardware Retail Group is used as an example in the following steps.

8. Select the Key Classes tab. The key classes must be created only once, regardless of the

number of nodes in your encryption group or the number of encryption groups that will be
sharing this DPM.

kcn.1998-01.com.brocade:DEK_AES_256_XTS

kcn.1998-01.com.brocade:DEK_AES_256_CCM

kcn.1998-01.com.brocade:DEK_AES_256_GCM

kcn.1998-01.com.brocade:DEK_AES_256_ECB

a. Click Create.

b. Type the key name string into the Name field.

c. Select Hardware Retail Group for Identity Group.

d. Deselect Activated Keys Have Duration.

e. Select AES for Algorithm.

f.

Select 256 for Key Size.

g. Select the Mode for the respective key classes as follows:

XTS for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_XTS"

CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_CCM"

CBC for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_GCM"

ECB for Key Class "kcn.1998-01.com.brocade:DEK_AES_256_ECB"

Advertising
Popular Brands
Popular manuals