Configuring key vault settings for rsa data, Protection manager (dpm) – Brocade Network Advisor SAN User Manual v12.1.0 User Manual

Brocade Network Advisor SAN User Manual

641

53-1002948-01

Creating a new encryption group

20

-

For ESKM/SKM key vault setting instructions, see

“Configuring key vault settings for HP

Enterprise Secure Key Manager (ESKM/SKM)”

on page 652.

-

For TEKA key vault setting instructions, see

“Configuring key vault settings for Thales

e_Security keyAuthority (TEKA)”

on page 657.

-

For TKLM key vault setting instructions, see

“Configuring key vault settings for IBM Tivoli

Key Lifetime Manager (TKLM)”

on page 662.

-

For KMIP key vault setting instructions, see

“Configuring key vault settings for Key

Management Interoperability Protocol”

on page 666.

Configuring key vault settings for RSA Data Protection Manager (DPM)

The following procedure assumes you have already configured the initial steps in the Configure
Switch Encryption wizard. If you have not already done so, go to

“Creating a new encryption group”

on page 636.

Figure 248

shows the key vault selection dialog box for DPM.

FIGURE 248

Select Key Vault dialog box for DPM

1. Enter the IP address or host name for the primary key vault. If you are clustering DPM

appliances for high availability, IP load balancers are used to direct traffic to the appliances.
Use the IP address of the load balancer.

2. Enter the name of the file that holds the Primary Key Vault’s CA Key Certificate or browse to the

desired location. This file can be generated from the key vault’s administrative console.

3. If you are implementing encryption on data replication LUNs used by the EMC Symmetrix

Remote Data Facility (SRDF), you must select Enabled for REPL Support.

4. Click Next.

The Specify Certificate Signing Request File Name dialog box displays. (Refer to

Figure 249

.)