Brocade Network Advisor SAN User Manual v12.3.0 User Manual
Page 918
866
Brocade Network Advisor SAN User Manual
53-1003154-01
Viewing and editing switch encryption properties
20
•
Primary Key Vault Link Key Status/Backup Key Vault Link Key Status: Status options are:
-
Not Used: The key vault type is not LKM/SSKM.
-
No Link Keys, ready to establish: No access request has been sent to an LKM/SSKM,
or a previous request was not accepted.
-
Link key requested, waiting for LKM approval: A request has been sent to LKM/SSKM
and is waiting for the LKM/SSKM administrator’s approval.
-
Created, not validated: An interim state until first used Link Key valid, online:
(LKM/SSKM only) a shared link key exists and has been successfully used.
•
Primary Key Vault Connection Status/Backup Key Vault Connection Status: Whether the
primary key vault link is connected. Options are:
-
Unknown/Busy
-
Key Vault Not Configured
-
No Response
-
Failed authentication
-
Connected
•
Key Vault User Name button: (TEKA only.) Launches a dialog box to identify key vault user
information. A user name is automatically generated on the switch side for use in defining
a TEKA client for the switch.
•
Public Key Certificate Request text box: The switch’s KAC certificate signing request, which
must be signed by a certificate authority (CA). The signed certificate must then be
imported onto the switch and onto the primary and backup key vaults.
•
Export button: Exports the public key certificate in CSR format to an external file for signing
by a certificate authority (CA).
•
Import button: Imports a signed public key certificate.
•
Encryption Engine Properties table: The properties for the encryption engine. There may
be 0 to 4 slots, one for each encryption engine in the switch.
•
Current Status: The status of the encryption engine. Many possible values exist. Common
options are:
-
Not Available (the engine is not initialized)
-
Disabled
-
Operational
-
need master/link key
-
Online
•
Set State To: Identifies if the state is enabled or disabled. You can click the line item in the
table to change the value, then click OK to apply the change.
•
Total Targets: The number of encrypted target devices.
•
HA Cluster Peer: The name and location of the high-availability (HA) cluster peer (another
encryption engine in the same group), if in an HA configuration. If no peer is configured, No
Peer is displayed.
•
HA Cluster Name: The name of the HA cluster (for example, Cluster1), if in an HA
configuration. HA Cluster names can have up to 31 characters. Letters, digits, and
underscores are allowed.
•
Media Type: The media type of the encryption engine. Options are Disk and Tape, or
Disk/Tape when both are present.