Displaying universal ids, Rekeying all disk luns manually – Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 133

Advertising
background image

Fabric OS Encryption Administrator’s Guide (KMIP)

115

53-1002747-02

Rekeying all disk LUNs manually

2

Displaying Universal IDs

In order to delete keys from the key vaults, you need to know the Universal ID (UUID) associated
with the decommissioned disk LUN key IDs. To display the Universal IDs, complete the following
procedure:

1. Select Configure > Encryption from the menu task bar to display the Encryption Center

dialog box (Refer to

Figure 6

on page 14).

2. Select a switch from the Encryption Center Devices table, then select Switch >

Decommissioned key IDs from the menu task bar.

The Decommissioned Key IDs dialog box displays (Refer to

Figure 96

).

3. Select the desired decommissioned key IDs from the Decommissioned Key IDs table, then

click Universal ID.

The Universal IDs dialog box displays the universal ID for each selected decommissioned key
(

Figure 97

).

FIGURE 97

Universal IDs dialog box

4. Click Close.

NOTE

You will need to export the decommissioned key ID to the key vault.

Rekeying all disk LUNs manually

BNA allows you to perform a manual rekey operation on all encrypted primary disk LUNs and all
non-replicated disk LUNs hosted on the encryption node that are in the read-write state.

Manual rekeying of all LUNs might take an extended period of time. BNA allows manual rekey of no
more than 10 LUNs concurrently. If the node has more than 10 LUNs, additional LUN rekey
operations will remain in the pending state until others have finished.

The following conditions must be satisfied for the manual rekey operation to run successfully:

The node on which you perform the manual rekey operation must be a member of an
encryption group, and that encryption group must have a key vault configured.

The node must be running Fabric OS 7.0.0 or later.

The encryption group must be in the converged state.

The target container that hosts the LUN must be online.

In addition to providing the ability to launch manual rekey operations, BNA also enables you to
monitor their progress.

Advertising
Popular Brands
Popular manuals