Brocade Network Advisor SAN + IP User Manual v12.3.0 User Manual

Page 26

Advertising

background image

xxvi

Brocade Network Advisor SAN + IP User Manual

53-1003155-01

Submitting the CSR to a certificate authority . . . . . . . . . . . . .996
KAC certificate registration expiry. . . . . . . . . . . . . . . . . . . . . . .996
Importing the signed KAC certificate . . . . . . . . . . . . . . . . . . . .997
Uploading the CA certificate onto the DPM appliance
(and first-time configurations). . . . . . . . . . . . . . . . . . . . . . . . . .997
Uploading the KAC certificate onto the DPM appliance
(manual identity enrollment). . . . . . . . . . . . . . . . . . . . . . . . . . .999
DPM key vault high availability deployment . . . . . . . . . . . . . . .999
Loading the CA certificate onto the encryption
group leader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .999

Steps for connecting to an LKM/SSKM appliance . . . . . . . . . . . 1000

Launching the NetApp DataFort Management Console . . . .1001
Establishing the trusted link . . . . . . . . . . . . . . . . . . . . . . . . . .1001
Obtaining and importing the LKM/SSKM certificate. . . . . . 1002
Exporting and registering the switch KAC certificates
on LKM/SSKM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1003
LKM/SSKM key vault high availability deployment . . . . . . . 1003
Data Encryption Keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1004

Steps for connecting to an ESKM/SKM appliance . . . . . . . . . . . 1005

Configuring a Brocade group on ESKM/SKM . . . . . . . . . . . 1006
Registering the ESKM/SKM Brocade group user
name and password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1007
Setting up the local Certificate Authority (CA) on
ESKM/SKM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1008
Creating and installing the ESKM/SKM server certificate . 1009
Enabling SSL on the Key Management System (KMS)
Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1011
Creating an ESKM/SKM High Availability cluster . . . . . . . . .1011
Copying the local CA certificate for a clustered
ESKM/SKM appliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1012
Adding ESKM/SKM appliances to the cluster . . . . . . . . . . . .1012
Signing the encryption node KAC certificates . . . . . . . . . . . .1013
Importing a signed KAC certificate into a switch . . . . . . . . . .1014
ESKM/SKM key vault high availability deployment . . . . . . . .1014
Data Encryption Keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1015
ESKM/SKM key vault deregistration . . . . . . . . . . . . . . . . . . .1016

Steps for connecting to a TEKA appliance. . . . . . . . . . . . . . . . . . .1016

Setting up TEKA network connections . . . . . . . . . . . . . . . . . .1017
Creating a client on TEKA . . . . . . . . . . . . . . . . . . . . . . . . . . . .1018
Establishing TEKA key vault credentials on the switch . . . . .1019
Signing the encryption node KAC CSR on the
TEKA appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1020
Importing a signed KAC certificate into a switch . . . . . . . . . 1020

Steps for connecting to a TKLM appliance . . . . . . . . . . . . . . . . . .1021

Exporting the Fabric OS node self-signed KAC certificates. 1022
Converting the KAC certificate format . . . . . . . . . . . . . . . . . 1022
Establishing a default key store and device group on
TKLM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1022
Adding a device to the device group. . . . . . . . . . . . . . . . . . . 1022
Creating a self-signed certificate for TKLM . . . . . . . . . . . . . 1023

Advertising

Popular Brands

Popular manuals