Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual
Page 287
Fabric OS Encryption Administrator’s Guide (LKM/SSKM)
269
53-1002925-01
DF-compatibility support for disk LUNs
B
Native
(Brocade)
Cleartext
Cleartext
NA in case of cleartext
policy
NA
Yes
The LUN is disabled for encryption. Metadata
is present on the LUN and the LUN is in
encrypted state. You need to either modify the
LUN state to “encrypted” and change the
policy to “encrypt” or use the runtime
cryptocfg --enable -LUN command to force
the change from the current state of the LUN
to cleartext.
Native
(Brocade)
Cleartext
Cleartext
NA in case of cleartext
policy
None
No
No error.
Native
(Brocade)
Cleartext
Cleartext
NA in case of cleartext
policy
Provided No
Error. The key ID input is not applicable to
cleartext. Error is returned from the CLI.
DF
compatible
Encrypted
Encrypt
NA when
LUN State = encrypt
NA
Yes
No error. If the LUN was previously Brocade
encrypted, the LUN is set to Read Only until
you either modify the encryption format or
user the runtime cryptocfg --enable -LUN
command to force the change.
DF
compatible
Encrypted
Encrypt
NA when
LUN State = encrypt
None
No
The LUN is disabled for encryption. The key ID
is missing from the user input. You need to
either modify the LUN state to cleartext or
provide the key ID in the LUN setup.
DF
compatible
Encrypted
Encrypt
NA when
LUN State = encrypt
Provided No
No error. An attempt is made to write the
metadata.
DF
compatible
Encrypted
Cleartext
NA when
LUN State = encrypt
NA
Yes
Adding a LUN with "cleartext" policy is invalid if
the encryption format is DF-Compatible, The
system returns the following error: "Bad
combination of LUN options specified". The
same is true for changing a LUN in
DF-compatible format from "encrypt" to
"cleartext" policy.
DF
compatible
Encrypted
Cleartext
NA when
LUN State = encrypt
None
No
Adding a LUN with "cleartext" policy is invalid if
the encryption format is DF-Compatible, The
system returns the following error: "Bad
combination of LUN options specified". The
same is true for changing a LUN in
DF-compatible format from "encrypt" to
"cleartext" policy.
DF
compatible
Encrypted
Cleartext
NA when
LUN State = encrypt
Provided No
Adding a LUN with "cleartext" policy is invalid if
the encryption format is DF-Compatible, The
system returns the following error: "Bad
combination of LUN options specified". The
same is true for changing a LUN in
DF-compatible format from "encrypt" to
"cleartext" policy.
TABLE 23
Support matrix for disk LUNs for various configuration and modify options (Continued)
LUN
encryption
format
LUN state
LUN policy
Encrypt existing data
Key ID
Metadata
on LUN
Results