Setting fips compliance – Brocade Network Advisor SAN User Manual v12.1.0 User Manual

616

Brocade Network Advisor SAN User Manual

53-1002948-01

Steps for connecting to a KMIP-compliant SafeNet KeySecure

20

6. Register the user name and password. (Refer to

“Registering the KeySecure Brocade group

user name and password”

on page 625.)

7. Export and sign the encryption node certificate signing requests. (Refer to

“Signing the

encryption node KAC CSR on KMIP”

on page 626.)

8. Import the signed certificates into the encryption node. (Refer to

“Importing a signed KAC

certificate into a switch”

on page 628.)

9. Back up the certificates (Refer to

“Backing up the certificates”

on page 629.)

10. Configure the KMIP server. (Refer to

“Configuring the KMIP server”

on page 631.)

11. Add a secondary node to the cluster. (Refer to

“Adding a node to the cluster”

on page 632.)

Setting FIPS compliance

1. From the KeySecure Management Console, select the Security tab, then select Advanced

Security, > High Security.

The High Security Configuration page displays. (Refer to

Figure 217

.)

FIGURE 217

KeySecure High Security Configuration page

2. Under FIPS Compliance, set FIPS Compliance to Yes.

This ensures that only TLS 1.0 connections are supported between the switch and the
KeySecure.