Encryption preparation, Creating an encryption group – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual
Page 55
Fabric OS Encryption Administrator’s Guide (DPM)
35
53-1002922-01
Encryption preparation
2
Encryption preparation
Before you use the encryption setup wizard for the first time, you should have a detailed
configuration plan in place and available for reference. The encryption setup wizard assumes the
following:
•
You have a plan in place to organize encryption devices into encryption groups.
•
If you want redundancy and high availability in your implementation, you have a plan to create
high availability (HA) clusters of two encryption switches or blades to provide failover support.
•
All switches in the planned encryption group are interconnected on an I/O synch LAN.
•
The management ports on all encryption switches and 8-slot Backbone Chassis CPs that have
encryption blades installed, have a LAN connection to the SAN management program and are
available for discovery.
•
A supported key management appliance is connected on the same LAN as the encryption
switches, 8-slot Backbone Chassis CPs, and the SAN Management program.
•
An external host is available on the LAN to facilitate certificate exchange.
•
Switch KAC certificates have been signed by a CA and stored in a known location.
•
Key management system (key vault) certificates have been obtained and stored in a known
location.
Creating an encryption group
The following steps describe how to start and run the encryption setup wizard and create a new
encryption group.
NOTE
When a new encryption group is created, any existing tape pools in the switch are removed.
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
dialog box. (Refer to
.)
FIGURE 17
Encryption Center dialog box - No group defined