Configuring blade processor links – Brocade Network Advisor SAN User Manual v12.3.0 User Manual
Page 760
708
Brocade Network Advisor SAN User Manual
53-1003154-01
Encryption node initialization and certificate generation
20
Configuring blade processor links
To configure blade processor links, complete the following steps:
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
dialog box. (Refer to
2. Select the encryption engine from the Encryption Center Devices table, then select Engine >
Blade Processor Link from the menu task bar to display the Blade Processor Link dialog box.
(Refer to
.)
FIGURE 274
Blade Processor Link dialog box
3. Enter the link IP address and mask, and the gateway IP address.
•
Eth0 IP /Mask identifies the Ge0 interface IP address and mask.
•
Eth1 IP /Mask identifies the Ge1 interface IP address and mask.
•
The Gateway IP address is optional.
4. Click OK.
Encryption node initialization and certificate generation
When an encryption node is initialized, the following security parameters and certificates are
generated:
•
FIPS crypto officer
•
FIPS user
•
Node CP certificate
•
A signed Key Authentication Center
(
KAC) certificate
•
A KAC Certificate Signing Request (CSR)
From the standpoint of external SAN management application operations, the FIPS crypto officer,
FIPS user, and node CP certificates are transparent to users. The KAC certificates are required for
operations with key managers. In most cases, KAC certificate signing requests must be sent to a
Certificate Authority (CA) for signing to provide authentication before the certificate can be used. In
all cases, signed KACs must be present on each switch.