Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 6

Advertising
background image

vi

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Disk device decommissioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

Decommissioning disk LUNs. . . . . . . . . . . . . . . . . . . . . . . . . . .113
Displaying and deleting decommissioned key IDs. . . . . . . . . .113
Displaying Universal IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115

Rekeying all disk LUNs manually . . . . . . . . . . . . . . . . . . . . . . . . . . .115

Setting disk LUN Re-key All . . . . . . . . . . . . . . . . . . . . . . . . . . . .116
Viewing disk LUN rekeying details . . . . . . . . . . . . . . . . . . . . . .117
Viewing the progress of manual rekey operations. . . . . . . . . .119

Thin provisioned LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120

Thin provisioning support . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121

Viewing time left for auto rekey . . . . . . . . . . . . . . . . . . . . . . . . . . . .121

Viewing and editing switch encryption properties . . . . . . . . . . . . .122

Exporting the public key certificate signing request
(CSR) from properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125
Importing a signed public key certificate from properties . . .125
Enabling and disabling the encryption engine state from
properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126

Viewing and editing encryption group properties . . . . . . . . . . . . . .126

General tab. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128
Members tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
Consequences of removing an encryption switch . . . . . . . . . .132
Security tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133
HA Clusters tab. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135
Tape Pools tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
Engine Operations tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

Encryption-related acronyms in log messages . . . . . . . . . . . . . . . .140

Chapter 3

Configuring Encryption Using the CLI

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142

Command validation checks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142

Command RBAC permissions and AD types . . . . . . . . . . . . . . . . . .143

Cryptocfg Help command output . . . . . . . . . . . . . . . . . . . . . . . . . . .145

Management LAN configuration . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Configuring cluster links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146

Special consideration for blades . . . . . . . . . . . . . . . . . . . . . . . 147
IP Address change of a node within an encryption group. . . .148

Setting encryption node initialization . . . . . . . . . . . . . . . . . . . . . . .148

Advertising
Popular Brands
Popular manuals