Configuration upload and download considerations, Information not included in an upload – Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 248

Advertising
background image

230

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Configuration upload and download considerations

5

8. Check that CryptoTarget Containers and associated LUNs fail back successfully on node 1

(BES1), and host I/O also moves from node 2 (BES2) to node 1 (BES1) and continues during
the failback process.

9. To upgrade node 2 (BES2), Repeat steps 2 to 8.

10. After all nodes in the Encryption Group have been upgraded, change back the failback mode to

auto from manual, if required, by issuing the following command.

Admin:switch> cryptocfg --set -failback auto

Configuration upload and download considerations

Security information is not included when you upload a configuration from an encryption switch or
blade. Extra steps are necessary before and after download to re-establish that information. The
following sections describe what information is included in a upload from an encryption group
leader and encryption group member load, what information is not included, and the steps to take
to re-establish the information.

Configuration upload at an encryption group leader node

A configuration upload performed at an encryption group leader node contains the following:

The local switch configuration.

Encryption group-related configuration.

The encryption group-wide configuration of CryptoTargets, disk and tape LUNs, tape pools, HA
clusters, security, and key vaults.

Configuration upload at an encryption group member node

A configuration upload at an individual encryption group member node contains the following:

The local switch configuration.

Encryption group-related configuration.

Encryption group-wide configuration of CryptoTargets, disk and tape LUNs, tape pools, HA
clusters, security, and key vaults.

Information not included in an upload

The following certificates will be not be present when the configuration is downloaded:

External certificates imported on the switch:

-

key vault certificate

-

peer node/switch certificate

-

authentication card certificate

Advertising
Popular Brands
Popular manuals