San encryption configuration, Chapter 25, Chapter 25, “san encryption configuration – Brocade Network Advisor SAN + IP User Manual v12.3.0 User Manual

Page 1047: Chapter

Advertising
background image

Brocade Network Advisor SAN + IP User Manual

975

53-1003155-01

Chapter

25

SAN Encryption Configuration

In this chapter

Encryption Center features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 976

Encryption user privileges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 977

Smart card usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 978

Network connections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 988

Blade processor links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 989

Encryption node initialization and certificate generation. . . . . . . . . . . . . . 990

Key Management Interoperability Protocol . . . . . . . . . . . . . . . . . . . . . . . . . 991

Supported encryption key manager appliances . . . . . . . . . . . . . . . . . . . . . 994

Steps for connecting to a DPM appliance . . . . . . . . . . . . . . . . . . . . . . . . . . 995

Steps for connecting to an LKM/SSKM appliance . . . . . . . . . . . . . . . . . 1000

Steps for connecting to an ESKM/SKM appliance . . . . . . . . . . . . . . . . . 1005

Steps for connecting to a TEKA appliance. . . . . . . . . . . . . . . . . . . . . . . . . 1016

Steps for connecting to a TKLM appliance . . . . . . . . . . . . . . . . . . . . . . . . 1021

Steps for connecting to a KMIP-compliant SafeNet KeySecure . . . . . . . 1025

Steps for connecting to a KMIP-compliant keyAuthority . . . . . . . . . . . . . 1044

Encryption preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045

Creating a new encryption group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045

Adding a switch to an encryption group. . . . . . . . . . . . . . . . . . . . . . . . . . 1083

Replacing an encryption engine in an encryption group . . . . . . . . . . . . 1088

High availability clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1089

Configuring encryption storage targets . . . . . . . . . . . . . . . . . . . . . . . . . . 1093

Configuring hosts for encryption targets . . . . . . . . . . . . . . . . . . . . . . . . . . 1101

Adding target disk LUNs for encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 1103

Adding target tape LUNs for encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 1111

Moving targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1114

Configuring encrypted tape storage in a multi-path environment . . . . . 1114

Tape LUN write early and read ahead . . . . . . . . . . . . . . . . . . . . . . . . . . . 1115

Tape LUN statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1117

Encryption engine rebalancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1121

Master keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1122

Security settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1131

Zeroizing an encryption engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1131

Advertising
Popular Brands
Popular manuals