San encryption configuration, Chapter 25, Chapter 25, “san encryption configuration – Brocade Network Advisor SAN + IP User Manual v12.1.0 User Manual

Page 905: Chapter

Advertising
background image

Brocade Network Advisor SAN + IP User Manual

851

53-1002949-01

Chapter

25

SAN Encryption Configuration

In this chapter

Encryption Center features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 852

Encryption user privileges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 853

Smart card usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854

Network connections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865

Blade processor links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865

Encryption node initialization and certificate generation. . . . . . . . . . . . . . 866

Key Management Interoperability Protocol . . . . . . . . . . . . . . . . . . . . . . . . . 867

Supported encryption key manager appliances . . . . . . . . . . . . . . . . . . . . . 870

Steps for connecting to a DPM appliance . . . . . . . . . . . . . . . . . . . . . . . . . . 871

Steps for connecting to an LKM/SSKM appliance . . . . . . . . . . . . . . . . . . . 876

Steps for connecting to an ESKM/SKM appliance . . . . . . . . . . . . . . . . . . . 881

Steps for connecting to a TEKA appliance. . . . . . . . . . . . . . . . . . . . . . . . . . 892

Steps for connecting to a TKLM appliance . . . . . . . . . . . . . . . . . . . . . . . . . 897

Steps for connecting to a KMIP-compliant SafeNet KeySecure . . . . . . . . . 901

Steps for connecting to a KMIP-compliant keyAuthority . . . . . . . . . . . . . . . 920

Encryption preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 921

Creating a new encryption group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 922

Adding a switch to an encryption group. . . . . . . . . . . . . . . . . . . . . . . . . . . . 959

Replacing an encryption engine in an encryption group . . . . . . . . . . . . . . 965

High availability clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 966

Configuring encryption storage targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . 969

Configuring hosts for encryption targets . . . . . . . . . . . . . . . . . . . . . . . . . . . 978

Adding target disk LUNs for encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . 980

Adding target tape LUNs for encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . 987

Moving targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 990

Configuring encrypted tape storage in a multi-path environment . . . . . . . 991

Tape LUN write early and read ahead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 992

Tape LUN statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 994

Encryption engine rebalancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 998

Master keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 999

Security settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1009

Zeroizing an encryption engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1009

Advertising
Popular Brands
Popular manuals