Setting fips compliance – Brocade Network Advisor SAN + IP User Manual v12.1.0 User Manual

902

Brocade Network Advisor SAN + IP User Manual

53-1002949-01

Steps for connecting to a KMIP-compliant SafeNet KeySecure

25

6. Register the user name and password. (Refer to

“Registering the KeySecure Brocade group

user name and password”

on page 911.)

7. Export and sign the encryption node certificate signing requests. (Refer to

“Signing the

encryption node KAC CSR on KMIP”

on page 912.)

8. Import the signed certificates into the encryption node. (Refer to

“Importing a signed KAC

certificate into a switch”

on page 914.)

9. Back up the certificates (Refer to

“Backing up the certificates”

on page 915.)

10. Configure the KMIP server. (Refer to

“Configuring the KMIP server”

on page 917.)

11. Add a secondary node to the cluster. (Refer to

“Adding a node to the cluster”

on page 918.)

Setting FIPS compliance

1. From the KeySecure Management Console, select the Security tab, then select Advanced

Security, > High Security.

The High Security Configuration page displays. (Refer to

Figure 324

.)

FIGURE 324

KeySecure High Security Configuration page

2. Under FIPS Compliance, set FIPS Compliance to Yes.

This ensures that only TLS 1.0 connections are supported between the switch and the
KeySecure.