Link keys tab, Link, Keys tab – Brocade Network Advisor SAN User Manual v12.3.0 User Manual

Page 931

Advertising
background image

Brocade Network Advisor SAN User Manual

879

53-1003154-01

Viewing and editing encryption group properties

20

Link Keys tab

NOTE

The Link Keys tab displays only if the key vault type is NetApp LKM/SSKM.

Connections between a switch and an NetApp LKM/SSKM key vault require a shared link key. Link
keys are used only with LKM/SSKM key vaults. Link keys are used to protect data encryption keys
in transit to and from the key vault. There is a separate link key for each key vault for each switch.
The link keys are configured for a switch but are stored in the encryption engines, and all of the
encryption engines in a group share the same link keys. You must create link keys under the
following circumstances:

When a new encryption group is created.

When a new switch is added to an encryption group.

When a new key vault is added to an encryption group.

After all encryption engines in a switch have been zeroized.

When all of the encryption blades have been removed from a director and one or more new
encryption blades have been added.

The Link Keys tab is viewed from the Encryption Group Properties dialog box. (Refer to

Figure 416

.)

A table displays link key status for each switch in an encryption group, which includes the following
information:

Switch: The name of the selected switch in the encryption group.

Key Vault: The type of key vault, either Primary or Secondary.

Link Key Status: The link key status can be one of the following:

-

No Link Key: No access request was sent to LKM/SSKM yet, or a previous request was not
accepted.

-

No Link Key, ready to establish: No link key exists, and no link key has been requested.

-

Link Key requested, waiting for LKM/SSKM approval: A request was sent to LKM/SSKM
and is waiting for LKM/SSKM approval.

-

Waiting for local approval: A response was received from LKM/SSKM and needs local
quorum of cards approval.

-

Created, not validated: The interim state until first used.

-

Link Key Valid, Online: A shared link key exists and has been successfully used.

Included on the Link Keys tab is the Establish button and the Accept button.

If a switch shows a status of No Link Key, ready to establish, you may select the switch and
click Establish to send a Trust Establishment Package (TEP) message to LKM/SSKM.

If a switch shows a status of Link Key requested, waiting for LKM/SSKM approval, you may
click Accept to accept the Trust Acceptance Package (TAP) that was sent in response to the TEP
that was sent when you clicked Establish.

To access the Link Keys tab, select an LKM/SSKM group from the Encryption Center Devices table,
then select Group > Link Keys from the menu task bar. The Properties dialog box displays with the
Link Keys tab selected.

NOTE

You can also select a group from the Encryption Center Devices table, then click the Properties icon.

Advertising
Popular Brands
Popular manuals